[Bug 1381484] Re: Fails to connect to servers that disable SSLv3

Launchpad Bug Tracker 1381484 at bugs.launchpad.net
Tue Oct 28 13:48:06 UTC 2014


This bug was fixed in the package xchat - 2.8.8-7.1ubuntu5.1

---------------
xchat (2.8.8-7.1ubuntu5.1) trusty; urgency=medium

  * Don't force the use of SSLv3 (LP: #1381484)
    - debian/patches/dont_force_sslv3.patch: use SSLv23_client_method()
      so the best method gets automatically negotiated in
      src/common/ssl.c.
 -- Marc Deslauriers <marc.deslauriers at ubuntu.com>   Mon, 20 Oct 2014 11:55:26 -0400

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to a duplicate bug report (1381777).
https://bugs.launchpad.net/bugs/1381484

Title:
  Fails to connect to servers that disable SSLv3

Status in GNOME frontend to the popular xchat IRC client:
  New
Status in “xchat” package in Ubuntu:
  Fix Released
Status in “xchat-gnome” package in Ubuntu:
  Fix Released
Status in “xchat” source package in Precise:
  Fix Released
Status in “xchat-gnome” source package in Precise:
  In Progress
Status in “xchat” source package in Trusty:
  Fix Released
Status in “xchat-gnome” source package in Trusty:
  Fix Released
Status in “xchat” source package in Utopic:
  Fix Released
Status in “xchat-gnome” source package in Utopic:
  Fix Released
Status in “xchat-gnome” package in Debian:
  New

Bug description:
  SRU REQUEST:

  [Impact]

  Xchat-Gnome (and xchat) for the use of SSLv3. Since the Poodle attack
  on SSLv3, many servers are now disabling the use of SSLv3, making
  xchat-gnome unsable to connect successfully.

  [Test Case]

  Install xchat-gnome and connect to an irc server that no longer offers
  SSLv3.

  [Regression Potential]

  This update may possibly introduce compatibility issues with sites
  that don't properly handle TLSv1.2 negotiations. While such sites
  existed in the past, they aren't likely to be common at the present
  time. Unfortunately, there is no ultimate solution that would be
  compatible with both scenarios.

  
  Original report:

  slack.com is a chat service with optional IRC integration.  Since
  today I can no longer connect to their IRC gateway using XChat-GNOME.
  The error is:

  > * Nepavyko prisijungti. Klaida: (336130315) error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
  > Ar tai tikrai SSL šifravimą palaikantis serveris ir prievadas?

  which, translated from lt_LT, means

  > * Cannot connect.  Error: (336130315) error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
  > Does the server/port really support SSL?

  I think this is part of the fallout of CVE-2014-3566 (aka POODLE).
  XChat-GNOME is trying to use the insecure SSL protocol version 3, and
  Slack, reasonably enough, rejects that.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: xchat-gnome 1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12
  ProcVersionSignature: Ubuntu 3.13.0-37.64-generic 3.13.11.7
  Uname: Linux 3.13.0-37-generic x86_64
  ApportVersion: 2.14.1-0ubuntu3.5
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Wed Oct 15 14:50:57 2014
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2012-07-25 (811 days ago)
  InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Release amd64 (20120425)
  SourcePackage: xchat-gnome
  UpgradeStatus: Upgraded to trusty on 2014-04-18 (180 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/xchat-gnome/+bug/1381484/+subscriptions



More information about the Ubuntu-sponsors mailing list