Bug 1686140 - Diffie-Hellman keysize < 2048 in logging-es
Summary: Diffie-Hellman keysize < 2048 in logging-es
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Logging
Version: 3.10.0
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
: 3.10.z
Assignee: Rich Megginson
QA Contact: Anping Li
URL:
Whiteboard:
Depends On: 1679841 1685655
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-03-06 19:52 UTC by Jeff Cantrill
Modified: 2019-04-09 23:40 UTC (History)
7 users (show)

Fixed In Version: openshift3/logging-elasticsearch:v3.10.125-1
Doc Type: Bug Fix
Doc Text:
Cause: The SSL/TLS service uses Diffie-Hellman groups with insufficient strength (key size < 2048) Consequence: The keys are more vulnerable Fix: Increase the key strength Result: The certificates are more secure
Clone Of: 1685655
Environment:
Last Closed: 2019-04-09 23:40:43 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift origin-aggregated-logging pull 1552 0 None None None 2019-03-11 15:44:39 UTC
Red Hat Product Errata RHBA-2019:0620 0 None None None 2019-04-09 23:40:52 UTC

Comment 1 Rich Megginson 2019-03-11 15:44:40 UTC 
https://github.com/openshift/origin-aggregated-logging/pull/1552
Comment 2 Rich Megginson 2019-03-11 17:51:19 UTC 
merged upstream https://github.com/openshift/origin-aggregated-logging/commit/55dc749729df419eed26704113c41acad28e4b52
Comment 4 Anping Li 2019-03-25 05:59:12 UTC 
fix in openshift-ansible v3.10.127
Comment 6 errata-xmlrpc 2019-04-09 23:40:43 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0620
Note You need to log in before you can comment on or make changes to this bug.