[Bug 1381484] Re: Fails to connect to servers that disable SSLv3
Launchpad Bug Tracker
1381484 at bugs.launchpad.net
Tue Oct 28 13:48:06 UTC 2014
This bug was fixed in the package xchat - 2.8.8-7.1ubuntu5.1
---------------
xchat (2.8.8-7.1ubuntu5.1) trusty; urgency=medium
* Don't force the use of SSLv3 (LP: #1381484)
- debian/patches/dont_force_sslv3.patch: use SSLv23_client_method()
so the best method gets automatically negotiated in
src/common/ssl.c.
-- Marc Deslauriers <marc.deslauriers at ubuntu.com> Mon, 20 Oct 2014 11:55:26 -0400
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to a duplicate bug report (1381777).
https://bugs.launchpad.net/bugs/1381484
Title:
Fails to connect to servers that disable SSLv3
Status in GNOME frontend to the popular xchat IRC client:
New
Status in “xchat” package in Ubuntu:
Fix Released
Status in “xchat-gnome” package in Ubuntu:
Fix Released
Status in “xchat” source package in Precise:
Fix Released
Status in “xchat-gnome” source package in Precise:
In Progress
Status in “xchat” source package in Trusty:
Fix Released
Status in “xchat-gnome” source package in Trusty:
Fix Released
Status in “xchat” source package in Utopic:
Fix Released
Status in “xchat-gnome” source package in Utopic:
Fix Released
Status in “xchat-gnome” package in Debian:
New
Bug description:
SRU REQUEST:
[Impact]
Xchat-Gnome (and xchat) for the use of SSLv3. Since the Poodle attack
on SSLv3, many servers are now disabling the use of SSLv3, making
xchat-gnome unsable to connect successfully.
[Test Case]
Install xchat-gnome and connect to an irc server that no longer offers
SSLv3.
[Regression Potential]
This update may possibly introduce compatibility issues with sites
that don't properly handle TLSv1.2 negotiations. While such sites
existed in the past, they aren't likely to be common at the present
time. Unfortunately, there is no ultimate solution that would be
compatible with both scenarios.
Original report:
slack.com is a chat service with optional IRC integration. Since
today I can no longer connect to their IRC gateway using XChat-GNOME.
The error is:
> * Nepavyko prisijungti. Klaida: (336130315) error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
> Ar tai tikrai SSL šifravimą palaikantis serveris ir prievadas?
which, translated from lt_LT, means
> * Cannot connect. Error: (336130315) error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
> Does the server/port really support SSL?
I think this is part of the fallout of CVE-2014-3566 (aka POODLE).
XChat-GNOME is trying to use the insecure SSL protocol version 3, and
Slack, reasonably enough, rejects that.
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: xchat-gnome 1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12
ProcVersionSignature: Ubuntu 3.13.0-37.64-generic 3.13.11.7
Uname: Linux 3.13.0-37-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.5
Architecture: amd64
CurrentDesktop: GNOME
Date: Wed Oct 15 14:50:57 2014
EcryptfsInUse: Yes
InstallationDate: Installed on 2012-07-25 (811 days ago)
InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Release amd64 (20120425)
SourcePackage: xchat-gnome
UpgradeStatus: Upgraded to trusty on 2014-04-18 (180 days ago)
To manage notifications about this bug go to:
https://bugs.launchpad.net/xchat-gnome/+bug/1381484/+subscriptions
More information about the Ubuntu-sponsors
mailing list