ClearFoundation Tracker - ClearOS | |||||
| View Issue Details | |||||
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0000418 | ClearOS | webconfig-php | public | 2011-12-31 16:56 | 2012-04-13 18:30 |
| Reporter | timb80 | ||||
| Assigned To | user2 | ||||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Platform | OS | OS Version | |||
| Product Version | 5.2-SP1 | ||||
| Target Version | Fixed in Version | 6.2.0 Beta 3 | |||
| Summary | 0000418: Change SSL default config in app-ssl from md5 to sha1 | ||||
| Description | OpenSSL now defaults to sha1 to sign certificates (/etc/pki/tls/openssl.cnf) due to the vulnerability of potential for hash collisions with md5 However the SSL config generated by the webconfig (/etc/ssl/openssl.cnf) is provided by app-ssl and still refers to md5 default_md = md5 | ||||
| Steps To Reproduce | |||||
| Additional Information | http://www.clearfoundation.com/component/option,com_kunena/Itemid,232/catid,25/func,view/id,36290/#36302 [^] http://en.wikipedia.org/wiki/MD5#Collision_vulnerabilities [^] | ||||
| Tags | No tags attached. | ||||
| Relationships | |||||
| Attached Files | |||||
| Issue History | |||||
| Date Modified | Username | Field | Change | ||
| 2011-12-31 16:56 | timb80 | New Issue | |||
| 2012-01-03 02:54 | user2 | Status | new => confirmed | ||
| 2012-01-03 03:14 | user2 | Note Added: 0000402 | |||
| 2012-01-03 03:14 | user2 | Status | confirmed => resolved | ||
| 2012-01-03 03:14 | user2 | Fixed in Version | => 6.2 Beta 3 | ||
| 2012-01-03 03:14 | user2 | Resolution | open => fixed | ||
| 2012-01-03 03:14 | user2 | Assigned To | => user2 | ||
| 2012-04-13 18:30 | user2 | Status | resolved => closed | ||
| Notes | |||||
|
|
|||||
|
|
||||