Poodle TLS1.0 issue in Trusty (and Precise)
Bug #1510163 reported by Bryan Quigley
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
gnutls26 (Ubuntu) | Fix Released | High | Unassigned |
Precise | Fix Released | High | Marc Deslauriers |
Trusty | Fix Released | High | Marc Deslauriers |
Bug Description
[Impact]
GnuTLS is affected by the POODLE TLS exploit https:/
[Test Case]
Launch a new Trusty VM
sudo apt-get install cups
Open /etc/cups/
...
# Only listen for connections from the local machine.
#Listen localhost:631
Listen /var/run/
SSLPort 443
SSLOptions None
ServerAlias 127.35.
...
Restart cups and then run the ssllabs test - https:/
[Regression Potential]
This is a simple off-by-one error that's fixed in all newer versions of GnuTLS.
tags: added: precise trusty
information type: Public → Public Security
Changed in gnutls26 (Ubuntu):
importance: Undecided → High
tags: added: poodle
description: updated
description: updated
Changed in gnutls26 (Ubuntu Precise):
status: New → Confirmed
Changed in gnutls26 (Ubuntu Trusty):
status: New → Confirmed
Changed in gnutls26 (Ubuntu Precise):
importance: Undecided → High
Changed in gnutls26 (Ubuntu Trusty):
importance: Undecided → High
Changed in gnutls26 (Ubuntu Precise):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in gnutls26 (Ubuntu Trusty):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in gnutls26 (Ubuntu):
status: New → Fix Released
Changed in gnutls26 (Ubuntu Precise):
status: Confirmed → Triaged
Changed in gnutls26 (Ubuntu Trusty):
status: Confirmed → Triaged
Tested both with ssllabs; should go from F rating to C rating. POODLE TLS issue should be gone, but SSLv3 will still be enabled. That's a separate bug - 1505328.
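The following is an added illustration, not code from GnuTLS or from this bug report, of how an off-by-one error like the one mentioned under [Regression Potential] can leave a TLS CBC padding check incomplete. It assumes the off-by-one sits in the padding comparison loop; the function names and sample records are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Decrypted TLS CBC record: data || MAC || padding || pad_len.
 * The pad_len padding bytes and the trailing length byte must all equal
 * pad_len, i.e. pad_len + 1 bytes are checked. Illustrative, not GnuTLS code. */

/* Compare the last `count` bytes of rec against pad, without early exit. */
static int tail_equals(const uint8_t *rec, size_t len, size_t count, uint8_t pad)
{
    uint8_t diff = 0;
    for (size_t i = 1; i <= count; i++)
        diff |= rec[len - i] ^ pad;
    return diff == 0;
}

/* Off-by-one variant: checks pad_len bytes, so the padding byte furthest
 * from the end of the record is never compared. */
int pad_ok_off_by_one(const uint8_t *rec, size_t len)
{
    if (len == 0 || (size_t)rec[len - 1] + 1 > len) return 0;
    return tail_equals(rec, len, rec[len - 1], rec[len - 1]);
}

/* Corrected variant: checks all pad_len + 1 bytes. */
int pad_ok(const uint8_t *rec, size_t len)
{
    if (len == 0 || (size_t)rec[len - 1] + 1 > len) return 0;
    return tail_equals(rec, len, (size_t)rec[len - 1] + 1, rec[len - 1]);
}

/* Constructed sample records (4 data bytes, pad_len = 3). */
static const uint8_t rec_valid[]    = { 'd', 'a', 't', 'a', 3, 3, 3, 3 };
static const uint8_t rec_tampered[] = { 'd', 'a', 't', 'a', 0x7f, 3, 3, 3 };

int main(void)
{
    printf("valid:    off-by-one=%d fixed=%d\n",
           pad_ok_off_by_one(rec_valid, sizeof rec_valid),
           pad_ok(rec_valid, sizeof rec_valid));
    printf("tampered: off-by-one=%d fixed=%d\n",
           pad_ok_off_by_one(rec_tampered, sizeof rec_tampered),
           pad_ok(rec_tampered, sizeof rec_tampered));
    return 0;
}
```

The off-by-one variant accepts the record whose first padding byte was altered, while the corrected variant rejects it; a scanner such as ssllabs flags servers that accept such records.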