cups is intolerant to TLS 1.2
Bug #1526999 reported by
Laine Gholson
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cups (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
CUPS 1.7.2-0ubuntu1.7 on Ubuntu Trusty has a security problem where connections using TLS 1.2 will fail, forcing a TLS 1.1 retry
=== How to reproduce ====
1. Connect to the cups server with HTTPS
2. Check the security info
or
1. openssl s_client -connect localhost:631
2. See the error
3. openssl s_client -tls1_1 -connect localhost:631
4. See no error
TLS 1.1 is not the newest protocol version, and therefore this can be considered a security issue.
Changed in cups (Ubuntu): | |
status: | Invalid → New |
To post a comment you must log in.
Curiously, I can't reproduce that. This is what I get:
$ openssl s_client -connect localhost:631
<snip>
SSL-Session:
Protocol : TLSv1.2
Cipher : AES256-SHA256
<snip>
Please attach the output of "apt-cache policy libssl1.0.0" and your /etc/cups/ cupsd.conf
Thanks!