Trafodion

Mitigate SSL vulnerability in Apache - CVE-2014-3566

Bug #1382277 reported by Alice Chen
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Trafodion
Fix Released
Critical
Alice Chen
Trafodion r0.9

Bug Description

Need to mitigate SSL security vulnerability in Apache. CVE-2014-3566.

CVE References

Revision history for this message
Trafodion-Gerrit (neo-devtools) wrote : Fix proposed to infra (master)

Fix proposed to branch: master
Review: https://review.trafodion.org/576

Changed in trafodion:
status: New → In Progress
Revision history for this message
Trafodion-Gerrit (neo-devtools) wrote : Fix merged to infra (master)

Reviewed: https://review.trafodion.org/576
Committed: https://github.com/trafodion/infra/commit/a5ff2b5c66dbf102091d034efb5fafcfef41d9b8
Submitter: Trafodion Jenkins
Branch: master

commit a5ff2b5c66dbf102091d034efb5fafcfef41d9b8
Author: Alice Chen <email address hidden>
Date: Thu Oct 16 17:44:07 2014 -0700

    Mitigate security vulnerability CVE-2014-3566

    Mitigate security vulnerability CVE-2014-3566 which relates to
    SSLv3 and Apache. This will disable SSLv3 and only enable TLS.
    More information can be found @ https://zmap.io/sslv3/servers.html.

    Change-Id: Ie74bfa341a722dacea65f382080d8d900e049084
    Closes-Bug: 1382277

Changed in trafodion:
status: In Progress → Fix Committed
Revision history for this message
Trafodion-Gerrit (neo-devtools) wrote : Fix proposed to infra (master)

Fix proposed to branch: master
Review: https://review.trafodion.org/577

Revision history for this message
Trafodion-Gerrit (neo-devtools) wrote : Fix merged to infra (master)

Reviewed: https://review.trafodion.org/577
Committed: https://github.com/trafodion/infra/commit/887c96d98b7f979406f14485f19f7cce4e6051b4
Submitter: Trafodion Jenkins
Branch: master

commit 887c96d98b7f979406f14485f19f7cce4e6051b4
Author: Alice Chen <email address hidden>
Date: Thu Oct 16 18:25:02 2014 -0700

    Update SSL configuration to be more secure

    Update SSL configuration to be more secure. Make SSL honor cipher
    order and disable weak ciphers.

    Change-Id: I9ce551cc699fcfeceeb7fa31267fc762178908f0
    Closes-Bug: 1382277

Alice Chen (alchen)
Changed in trafodion:
status: Fix Committed → Fix Released
Alice Chen (alchen)
Changed in trafodion:
milestone: none → r0.9
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.