Project

General

Profile

Actions

Bug #13747

closed

webrick needs option to change SSL ciphers via configuration vs hard coded values

Added by Tomer Brisker about 8 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1282514
Description of problem:

Currently the foreman-proxy piece has hard coded SSL ciphers in the following file:

/usr/share/foreman-proxy/lib/poodles-fix.rb

In order for users to pass certain security audits some Ciphers need to be disabled and currently they only approach is to modify the code, remove the offending cipher, and restart foreman-proxy. This workaround does not survive rpm updates and needs to be moved to a configuration file

Actions #1

Updated by The Foreman Bot about 8 years ago

  • Status changed from New to Ready For Testing
  • Assignee set to Tomer Brisker
  • Pull request https://github.com/theforeman/smart-proxy/pull/380 added
Actions #2

Updated by Tomer Brisker about 8 years ago

  • Category set to Security
  • Assignee deleted (Tomer Brisker)
  • Priority changed from High to Normal
Actions #3

Updated by The Foreman Bot about 8 years ago

  • Assignee set to Tomer Brisker
Actions #4

Updated by Anonymous almost 8 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions #5

Updated by Dominic Cleal almost 8 years ago

  • translation missing: en.field_release set to 136
Actions

Also available in: Atom PDF