desktop-packages team mailing list archive
-
desktop-packages team
-
Mailing list archive
-
Message #153659
[Bug 1526999] Re: cups is intolerant to TLS 1.2
It's my OpenSSL, isn't it, because I am running a custom OpenSSL 1.0.2e with ChaCha20 support:
libssl1.0.0:
Installed: 1.0.2e-0laine1
Candidate: 1.0.2e-0laine1
Version table:
*** 1.0.2e-0laine1 0
100 /var/lib/dpkg/status
1.0.1f-1ubuntu2.16 0
500 http://ports.ubuntu.com/ubuntu-ports/ trusty-security/main armhf Packages
500 http://ports.ubuntu.com/ubuntu-ports/ trusty-updates/main armhf Packages
1.0.1f-1ubuntu2 0
500 http://ports.ubuntu.com/ubuntu-ports/ trusty/main armhf Packages
** Changed in: cups (Ubuntu)
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to cups in Ubuntu.
https://bugs.launchpad.net/bugs/1526999
Title:
cups is intolerant to TLS 1.2
Status in cups package in Ubuntu:
Invalid
Bug description:
CUPS 1.7.2-0ubuntu1.7 on Ubuntu Trusty has a security problem where
connections using TLS 1.2 will fail, forcing a TLS 1.1 retry
=== How to reproduce ====
1. Connect to the cups server with HTTPS
2. Check the security info
or
1. openssl s_client -connect localhost:631
2. See the error
3. openssl s_client -tls1_1 -connect localhost:631
4. See no error
TLS 1.1 is not the newest protocol version, and therefore this can be
considered a security issue.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cups/+bug/1526999/+subscriptions