Deprecated elliptic curves offered through TLS
Bug #2051379 reported by
Adrien Nader
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| erlang (Ubuntu) |
Fix Released
|
Undecided
|
Adrien Nader | ||
Bug Description
The TLS implementation in erlang uses the elliptic curves defined in RFC4492 but most of these have been obsoleted years ago by RFC8422. Moreover, some of the size of some of these is too small today.
There is a patch upstream at https:/
Related branches
~adrien/ubuntu/+source/erlang:remove-small-legacy-elliptic-curves
- Nick Rosbrook (community): Approve
- git-ubuntu import: Pending requested
- Ubuntu Sponsors: Pending requested
-
Diff: 128 lines (+86/-2)5 files modifieddebian/changelog (+6/-0)
debian/control (+2/-1)
debian/control.in (+2/-1)
debian/patches/remove-small-curves-462840f8e26d22ef9164ada13489b6b910a25189.patch (+73/-0)
debian/patches/series (+3/-0)
~adrien/ubuntu/+source/erlang:remove-small-legacy-elliptic-curves
- Ubuntu Sponsors: Pending requested
- git-ubuntu import: Pending requested
-
Diff: 128 lines (+86/-2)5 files modifieddebian/changelog (+6/-0)
debian/control (+2/-1)
debian/control.in (+2/-1)
debian/patches/remove-small-curves-462840f8e26d22ef9164ada13489b6b910a25189.patch (+73/-0)
debian/patches/series (+3/-0)
| Changed in erlang (Ubuntu): | |
| status: | New → In Progress |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #1 |
| Changed in erlang (Ubuntu): | |
| status: | In Progress → Fix Released |
To post a comment you must log in.
This bug was fixed in the package erlang - 1:25.3.
---------------
erlang (1:25.3.
* ssl: remove small and legacy elliptic curves (LP: #2051379)
-- Adrien Nader <email address hidden> Fri, 26 Jan 2024 17:43:30 +0100