Uses lower than default TLS settings

Bug #1891805 reported by Dimitri John Ledkov
This bug affects 1 person
Affects: freetds (Ubuntu) | Status: New | Importance: Undecided | Assigned to: Unassigned | Milestone: (none listed)

Bug Description

Currently freetds is built against the gnutls library, but has support for both gnutls & openssl.

It tries to set priority strings, and sets them to lower values than are default in Ubuntu and/or supported by SQL Server.

Please stop directly setting the gnutls priority string, or use the same one as is used in gnutls in Ubuntu: NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-DTLS1.2:%PROFILE_MEDIUM

Alternatively, please build using the openssl library, as that would ensure that security level 2 is enforced without any code changes to freetds. (The built-in default is DEFAULT@SECLEVEL=2.)

All recent/updated versions of SQL Server support TLSv1.2: https://support.microsoft.com/en-gb/help/3135244/tls-1-2-support-for-microsoft-sql-server
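An added example, not part of the bug report and not freetds or GnuTLS code: a small audit helper that evaluates the protocol-version tokens of a GnuTLS priority string and lists any versions below TLS 1.2 / DTLS 1.2 that remain enabled. The baseline set for `NORMAL` and the weak sample string are assumptions constructed for illustration; the Ubuntu string is the one quoted above.

```python
# Added illustration: evaluates only the VERS-* tokens of a GnuTLS priority
# string. Cipher, MAC and %PROFILE_* tokens are ignored, and NORMAL is the
# only base keyword handled.

# Assumption: versions an unpatched upstream GnuTLS "NORMAL" keyword enables.
ASSUMED_NORMAL = ["TLS1.3", "TLS1.2", "TLS1.1", "TLS1.0", "DTLS1.2", "DTLS1.0"]
ALL_VERSIONS = ASSUMED_NORMAL + ["SSL3.0"]
LEGACY = {"SSL3.0", "TLS1.0", "TLS1.1", "DTLS1.0"}  # below TLS 1.2 / DTLS 1.2

# Priority string quoted in the bug report.
UBUNTU_PRIORITY = ("NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:"
                   "+VERS-DTLS1.2:%PROFILE_MEDIUM")
# Constructed sample of a hard-coded weak string (not taken from freetds).
CONSTRUCTED_WEAK = "NORMAL:%COMPAT:+VERS-SSL3.0"


def enabled_versions(priority, base=ASSUMED_NORMAL):
    """Return the versions left enabled after applying VERS tokens in order."""
    enabled = []
    for token in priority.split(":"):
        if token == "NORMAL":
            enabled = list(base)
            continue
        op, name = token[:1], token[1:]
        if op not in "+-!" or not name.startswith("VERS-"):
            continue  # not a protocol-version token
        version = name[len("VERS-"):]
        # "+VERS-ALL" is treated as every known version: the worst case,
        # which is the conservative reading for an audit.
        targets = ALL_VERSIONS if version == "ALL" else [version]
        if op == "+":
            enabled += [v for v in targets if v not in enabled]
        else:  # "-" and "!" both remove
            enabled = [v for v in enabled if v not in targets]
    return enabled


def legacy_versions(priority, base=ASSUMED_NORMAL):
    """Return enabled versions that fall below TLS 1.2 / DTLS 1.2."""
    return [v for v in enabled_versions(priority, base) if v in LEGACY]


if __name__ == "__main__":
    for label, prio in (("ubuntu", UBUNTU_PRIORITY), ("weak", CONSTRUCTED_WEAK)):
        print(label, enabled_versions(prio), "legacy:", legacy_versions(prio))
```

For an authoritative answer on a given system, `gnutls-cli --list --priority "<string>"` prints what the installed GnuTLS actually enables.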
