Fuel node vulnerable to Poodle attack
Bug #1594345 reported by
Adam Heczko
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Fuel for OpenStack |
Invalid
|
Medium
|
Unassigned | ||
Bug Description
Detailed bug description:
It was suspected that Fuel is vulnerable to Poodle attack.
Steps to reproduce:
Examine nginx configuration settings.
E.g.:
- enter nginx docker container: docker exec -i -t [container-id]
- cat /etc/nginx/
Observe lines ssl_protocols, ssl_ciphers
Fuel version 8.0 and upwards allows use of only TLSv1 TLSv1.1 TLSv1.2; cipher suites.
This means that is not vulnerable to Poodle attack.
| Changed in fuel: | |
| status: | Triaged → Invalid |
| milestone: | none → 8.0-updates |
To post a comment you must log in.
