Bug 1269855 - Certificate verification fails with multiple https urls [el7/curl]
Summary: Certificate verification fails with multiple https urls [el7/curl]
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: curl   
(Show other bugs)
Version: 7.2
Hardware: Unspecified
OS: Linux
high
high
Target Milestone: rc
: ---
Assignee: Kamil Dudka
QA Contact: Stefan Dordevic
Lenka Špačková
URL:
Whiteboard:
Keywords: Patch
Depends On:
Blocks: 1313485 1269660 1289025 1295829
TreeView+ depends on / blocked
 
Reported: 2015-10-08 11:10 UTC by Kamil Dudka
Modified: 2016-11-03 17:43 UTC (History)
6 users (show)

Fixed In Version: curl-7.29.0-30.el7
Doc Type: Bug Fix
Doc Text:
*libcurl* successfully communicates with servers requiring HTTP host name to match the TLS session host name Previously, in some cases, Network Security Services (NSS) incorrectly reused a TLS session for a server with a different host name. Consequently, HTTPS servers could respond with an HTTP error 400 (Bad Request). An upstream patch has been applied on the source code of the *libcurl* library to prevent NSS from reusing a TLS session in case the HTTP host name does not match the TLS session host name. As a result, *libcurl* can now successfully communicate with servers that require HTTP host name to match the TLS session host name.
Story Points: ---
Clone Of: 1269660
Environment:
Last Closed: 2016-11-03 17:43:43 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2016:2575 normal SHIPPED_LIVE Moderate: curl security, bug fix, and enhancement update 2016-11-03 12:06:39 UTC

Comment 6 Robert Scheck 2016-05-20 11:35:15 UTC
Added this RHBZ to case 01637758 on the Red Hat customer portal to get this
moved on, given it breaks our ownCloud setups.

Comment 8 errata-xmlrpc 2016-11-03 17:43:43 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHSA-2016-2575.html


Note You need to log in before you can comment on or make changes to this bug.