PacketFence - BTS - PacketFence |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0001866 | PacketFence | security | public | 2015-02-11 16:22 | 2015-02-18 10:47 |
|
| Reporter | ae3 | |
| Assigned To | lmunro | |
| Priority | high | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | |
| Platform | Linux | OS | RHEL / CentOS | OS Version | 6 |
| Product Version | 4.6.0 | |
| Target Version | | Fixed in Version | | |
| fixed in git revision | |
| fixed in mtn revision | |
|
| Summary | 0001866: Disable SSLv3 on web servers for POODLE |
| Description | (This applies to version 4.6.0, which is still not available in the pull-down)
SSLv3 is enabled by default in Apache config files. Not a best common practice with POODLE on the loose.
|
| Steps To Reproduce | Boot PF, run this command from a Linux/Mac/Unix client, look for handshake error if SSLv3 is properly disabled:
openssl s_client -connect [hostname]:443 -ssl3
|
| Additional Information | I edited the httpd.* files to pass our quarterly external audit, but this should be a permanent setting in the distributed config files IMO. |
| Tags | No tags attached. |
| Relationships | |
| Attached Files | |
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2015-02-11 16:22 | ae3 | New Issue | |
| 2015-02-12 11:46 | lmunro | Assigned To | => lmunro |
| 2015-02-12 11:46 | lmunro | Status | new => assigned |
| 2015-02-12 11:46 | lmunro | Product Version | 4.5.0 => 4.6.0 |
| 2015-02-16 10:14 | lmunro | Note Added: 0003842 | |
| 2015-02-16 10:50 | lmunro | Note Added: 0003843 | |
| 2015-02-18 10:47 | lmunro | Note Added: 0003850 | |
| 2015-02-18 10:47 | lmunro | Status | assigned => closed |
| 2015-02-18 10:47 | lmunro | Resolution | open => fixed |