SYMC: FREAK SSL vulnerability
Bug #1477400 reported by
Varun Lodaya
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
Juniper Openstack | Status tracked in Trunk | |||||
R2.0 |
Fix Committed
|
Medium
|
Varun Lodaya | |||
R2.1 |
Fix Committed
|
Medium
|
Varun Lodaya | |||
R2.20 |
Fix Committed
|
Medium
|
Varun Lodaya | |||
Trunk |
Fix Committed
|
Medium
|
Varun Lodaya | |||
OpenContrail |
New
|
Medium
|
Varun Lodaya |
Bug Description
HAProxy by default supports all the openssl supported ciphers which includes which ciphers too. The usage of these ciphers could allow an attacker with sufficient time and resources to crack the encrypted connection. Once the attacker has broken the encryption, they would be able to eavesdrop on and/or modify any data sent over the connection.
Need to configure haproxy to support only strong ciphers.
Changed in opencontrail: | |
assignee: | nobody → Varun Lodaya (varun-lodaya) |
importance: | Undecided → Medium |
tags: | added: lbaas |
tags: | added: haproxy |
summary: |
- FREAK SSL vulnerability + SYMC: FREAK SSL vulnerability |
To post a comment you must log in.
Review in progress for https:/ /review. opencontrail. org/12570
Submitter: Varun Lodaya (<email address hidden>)