desktop-packages team mailing list archive
-
desktop-packages team
-
Mailing list archive
-
Message #78134
[Bug 1381484] Re: Fails to connect to servers that disable SSLv3
This bug was fixed in the package xchat-gnome -
1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12.1
---------------
xchat-gnome (1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12.1) trusty; urgency=medium
* Don't force the use of SSLv3 (LP: #1381484)
- debian/patches/dont_force_sslv3.patch: use SSLv23_client_method() so
the best method gets automatically negotiated in src/common/ssl.c.
-- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx> Mon, 20 Oct 2014 10:30:21 -0400
** Changed in: xchat-gnome (Ubuntu Trusty)
Status: Fix Committed => Fix Released
** Changed in: xchat (Ubuntu Trusty)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xchat-gnome in Ubuntu.
https://bugs.launchpad.net/bugs/1381484
Title:
Fails to connect to servers that disable SSLv3
Status in GNOME frontend to the popular xchat IRC client:
New
Status in “xchat” package in Ubuntu:
Fix Released
Status in “xchat-gnome” package in Ubuntu:
Fix Released
Status in “xchat” source package in Precise:
Fix Released
Status in “xchat-gnome” source package in Precise:
In Progress
Status in “xchat” source package in Trusty:
Fix Released
Status in “xchat-gnome” source package in Trusty:
Fix Released
Status in “xchat” source package in Utopic:
Fix Released
Status in “xchat-gnome” source package in Utopic:
Fix Released
Status in “xchat-gnome” package in Debian:
New
Bug description:
SRU REQUEST:
[Impact]
Xchat-Gnome (and xchat) for the use of SSLv3. Since the Poodle attack
on SSLv3, many servers are now disabling the use of SSLv3, making
xchat-gnome unsable to connect successfully.
[Test Case]
Install xchat-gnome and connect to an irc server that no longer offers
SSLv3.
[Regression Potential]
This update may possibly introduce compatibility issues with sites
that don't properly handle TLSv1.2 negotiations. While such sites
existed in the past, they aren't likely to be common at the present
time. Unfortunately, there is no ultimate solution that would be
compatible with both scenarios.
Original report:
slack.com is a chat service with optional IRC integration. Since
today I can no longer connect to their IRC gateway using XChat-GNOME.
The error is:
> * Nepavyko prisijungti. Klaida: (336130315) error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
> Ar tai tikrai SSL šifravimą palaikantis serveris ir prievadas?
which, translated from lt_LT, means
> * Cannot connect. Error: (336130315) error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
> Does the server/port really support SSL?
I think this is part of the fallout of CVE-2014-3566 (aka POODLE).
XChat-GNOME is trying to use the insecure SSL protocol version 3, and
Slack, reasonably enough, rejects that.
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: xchat-gnome 1:0.30.0~git20131003.d20b8d+really20110821-0.2ubuntu12
ProcVersionSignature: Ubuntu 3.13.0-37.64-generic 3.13.11.7
Uname: Linux 3.13.0-37-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.5
Architecture: amd64
CurrentDesktop: GNOME
Date: Wed Oct 15 14:50:57 2014
EcryptfsInUse: Yes
InstallationDate: Installed on 2012-07-25 (811 days ago)
InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Release amd64 (20120425)
SourcePackage: xchat-gnome
UpgradeStatus: Upgraded to trusty on 2014-04-18 (180 days ago)
To manage notifications about this bug go to:
https://bugs.launchpad.net/xchat-gnome/+bug/1381484/+subscriptions
References