Deprecated elliptic curves offered through TLS
Bug #2051379 reported by
Adrien Nader
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
erlang (Ubuntu) |
Fix Released
|
Undecided
|
Adrien Nader |
Bug Description
The TLS implementation in erlang uses the elliptic curves defined in RFC4492 but most of these have been obsoleted years ago by RFC8422. Moreover, some of the size of some of these is too small today.
There is a patch upstream at https:/
Changed in erlang (Ubuntu): | |
status: | New → In Progress |
To post a comment you must log in.
This bug was fixed in the package erlang - 1:25.3. 2.8+dfsg- 1ubuntu1
--------------- 2.8+dfsg- 1ubuntu1) noble; urgency=medium
erlang (1:25.3.
* ssl: remove small and legacy elliptic curves (LP: #2051379)
-- Adrien Nader <email address hidden> Fri, 26 Jan 2024 17:43:30 +0100