Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

RHELPRIO AssignedTeam ...

SWIFT: POC Conversion

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: rhel-9.8
Affects Version/s: rhel-9.8
Component/s: openssl
Labels:
None

Regression:
Yes
Severity:
Important
Epic Link:
CRYPTO-17518

AssignedTeam:
rhel-security-crypto-diamonds

Internal Target Milestone:
20
Story Points:
0
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
No
Sprint:
None

Preliminary Testing:
None
Test Coverage:
None

Release Note Type:
Unspecified Release Note Type - Unknown
ProdDocsReview-CCS:
Unspecified
ProdDocsReview-Dev:
Unspecified
ProdDocsReview-QE:
Unspecified

Experience:

PX Impact Score:
SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

OpenSSL needs a backport of https://github.com/openssl/openssl/pull/29192 to prevent sending an empty key share when the first group in a TLS group list is set to an unsupported one.

causes

RHEL-128018 New OpenSSL release for RHEL 9.7 creates incompatibility with latest available Postfix package, postfix-3.5.25-1.el9.x86_64

Planning

clones

RHEL-130984 Setting first TLS group to an unsupported one yields an empty key share [rhel-10.2]

Planning

Assignee:: Pavol Zacik

Reporter:: Pavol Zacik

Developer:: Dmitry Belyavskiy

QA Contact:: Georgios Stavros Pantelakis

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2025/11/25 5:29 PM

Updated:: 2025/12/01 10:38 AM

Stale Date:: 2026/11/24

Target end:: 2026/01/12

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates