touch-packages team mailing list archive

Thread
Date

[Bug 1510163] Re: Poodle TLS1.0 issue in Trusty (and Precise)

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Bryan Quigley <bryan.quigley@xxxxxxxxxxxxx>
Date: Thu, 29 Oct 2015 19:36:44 -0000
Reply-to: Bug 1510163 <1510163@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Information type changed from Public to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gnutls26 in Ubuntu.
https://bugs.launchpad.net/bugs/1510163

Title:
  Poodle TLS1.0 issue in Trusty (and Precise)

Status in gnutls26 package in Ubuntu:
  New

Bug description:
  This issue is present in Trusty and Precise with the stock main gnutls
  - https://community.qualys.com/blogs/securitylabs/2014/12/08/poodle-
  bites-tls

  If I switch cups to use gnutls28-dev on 14.04 the issue appears to go
  away according to ssllabs.   My test case is cups with SSL on.

  [1] http://pastebin.ubuntu.com/12970857/

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1510163/+subscriptions

References

[Bug 1510163] [NEW] Poodle TLS1.0 issue in Trusty (and Precise)
From: Bryan Quigley, 2015-10-26