"dh key too small" after updating to latest openssl package
Bug #1464626 reported by
Doug Burks
This bug affects 9 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tcltls (Debian) |
Fix Released
|
Unknown
|
|||
tcltls (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
I maintain Ubuntu 12.04 packages for Sguil (http://
Error: SSL channel "sock4": error: dh key too small
This error message seems related to this:
"As a security improvement, this update also modifies OpenSSL behaviour to
reject DH key sizes below 768 bits, preventing a possible downgrade
attack."
http://
I did "apt-get source tcltls" and, based on quick review, it seems that tls.c is using DH512.
Is this going to be updated to 768 or higher?
Thanks!
tags: | added: weakdh |
Changed in tcltls (Debian): | |
status: | Unknown → New |
Changed in tcltls (Debian): | |
status: | New → Fix Released |
To post a comment you must log in.
Also found this bug at the upstream tcltls project: sourceforge. net/p/tls/ bugs/59/
http://