Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-97069

OpenSSL 1.1.1 bug 9335 stops MariaDB from selecting appropriate TLSv1.3 ciphers

Linking RHIVOS CVEs to...Migration: Automation ...RHELPRIO AssignedTeam ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Won't Do
    • Icon: Critical Critical
    • None
    • rhel-8.10
    • openssl
    • None
    • No
    • Critical
    • rhel-security-crypto
    • None
    • False
    • False
    • Hide

      None

      Show
      None
    • None
    • Red Hat Enterprise Linux
    • None
    • None
    • None
    • Unspecified
    • Unspecified
    • Unspecified
    • x86_64
    • None

      A bug exists in OpenSSL 1.1.1 that stops MariaDB from being able to select both TLSv1.2 and TSLv1.3 ciphers at the same time MDEV-36981.  The bug was fixed for OpenSSL 3.0, however it was not fixed for OpenSSL 1.1.1 as it is now EoL.

      Since OpenSSL 1.1.1 is packaged with RHEL8 and will be utilised until 2029 can Red Hat backport this fix to OpenSSL 1.1.1?

              dbelyavs@redhat.com Dmitry Belyavskiy
              alibloke Alasdair Haswell (Inactive)
              Dmitry Belyavskiy Dmitry Belyavskiy
              Georgios Stavros Pantelakis Georgios Stavros Pantelakis
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: