Activity log for bug #1970993

Date Who What changed Old value New value Message
2022-04-29 20:14:37 Chris Johnston bug added bug
2022-04-29 20:15:09 Chris Johnston bug task added etcd-snaps
2022-04-29 20:16:40 Chris Johnston description etcd as provided by the snap and charm utilized the default TLS ciphers as provided by Go. This currently allows for weak ciphers to still be used by default (TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA). This was discussed in depth in an issue upstream [1], in which a change has been made to allow for passing `--cipher-suites` to override the defaults provided by Go. With this, the snap and the charm should be updated to support a user defined cipher-suites config option which is then passed on to the snap. [1] https://github.com/etcd-io/etcd/issues/8320 etcd as provided by the snap and charm utilized the default TLS ciphers as provided by Go. This currently allows for weak ciphers to still be used by default (TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA [1]). This was discussed in depth in an issue upstream [2], in which a change has been made to allow for passing `--cipher-suites` to override the defaults provided by Go. With this, the snap and the charm should be updated to support a user defined cipher-suites config option which is then passed on to the snap. [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183 [2] https://github.com/etcd-io/etcd/issues/8320
2022-05-05 07:51:11 Chris Johnston information type Public Public Security
2022-05-19 23:17:08 Chris Johnston etcd-snaps: status New Invalid
2022-05-19 23:17:12 Chris Johnston charm-etcd: status New In Progress
2022-05-19 23:17:14 Chris Johnston charm-etcd: assignee Chris Johnston (cjohnston)
2022-05-20 00:54:38 Nobuto Murata bug added subscriber Nobuto Murata
2022-05-20 18:37:49 Chris Johnston charm-etcd: status In Progress Fix Committed
2022-05-23 14:11:50 George Kraft charm-etcd: milestone 1.24+ck1
2022-05-25 05:06:45 Nobuto Murata bug task added charm-kubernetes-master
2022-05-25 05:10:39 Nobuto Murata attachment added k8s-control-plane_default.html https://bugs.launchpad.net/charm-kubernetes-master/+bug/1970993/+attachment/5592769/+files/k8s-control-plane_default.html
2022-05-25 05:10:54 Nobuto Murata attachment added report_intermediate_ciphers.html https://bugs.launchpad.net/charm-kubernetes-master/+bug/1970993/+attachment/5592770/+files/report_intermediate_ciphers.html
2022-05-30 08:20:52 Nobuto Murata bug added subscriber Canonical Field Medium
2022-05-31 14:36:19 Nobuto Murata charm-kubernetes-master: status New Fix Committed
2022-05-31 14:36:22 Nobuto Murata charm-kubernetes-master: assignee Nobuto Murata (nobuto)
2022-05-31 14:55:49 George Kraft charm-kubernetes-master: milestone 1.24+ck1
2022-05-31 14:55:55 George Kraft tags backport-needed
2022-05-31 14:56:26 George Kraft charm-etcd: importance Undecided High
2022-05-31 14:56:28 George Kraft charm-kubernetes-master: importance Undecided High
2022-08-01 19:38:44 Adam Dyess tags backport-needed
2022-08-04 17:47:47 Adam Dyess charm-etcd: status Fix Committed Fix Released
2022-08-04 17:59:34 Adam Dyess charm-kubernetes-master: status Fix Committed Fix Released