[Bug 1510163] Re: Poodle TLS1.0 issue in Trusty (and Precise)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Nov 26 16:51:35 UTC 2015
** Changed in: gnutls26 (Ubuntu Precise)
Status: New => Confirmed
** Changed in: gnutls26 (Ubuntu Trusty)
Status: New => Confirmed
** Changed in: gnutls26 (Ubuntu Precise)
Importance: Undecided => High
** Changed in: gnutls26 (Ubuntu Trusty)
Importance: Undecided => High
** Changed in: gnutls26 (Ubuntu Precise)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: gnutls26 (Ubuntu Trusty)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: gnutls26 (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls26 in Ubuntu.
https://bugs.launchpad.net/bugs/1510163
Title:
Poodle TLS1.0 issue in Trusty (and Precise)
Status in gnutls26 package in Ubuntu:
Fix Released
Status in gnutls26 source package in Precise:
Confirmed
Status in gnutls26 source package in Trusty:
Confirmed
Bug description:
[Impact]
Gnutls is affected by the Poodle TLS exploit https://community.qualys.com/blogs/securitylabs/2014/12/08/poodle-bites-tls
[Test Case]
launch a new trusty VM
sudo apt-get install cups
Open /etc/cups/cupsd.conf and change just this one section
...
# Only listen for connections from the local machine.
#Listen localhost:631
Listen /var/run/cups/cups.sock
SSLPort 443
SSLOptions None
ServerAlias 127.35.213.162.lcy-02.canonistack.canonical.com
...
Restart cups and then run the ssllabs test - https://www.ssllabs.com/ssltest/
[Regression Potential]
This is a simple off by one error, that's fixed in all newer versions of gnutls.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1510163/+subscriptions
More information about the foundations-bugs
mailing list