glusterfs.git -

diff options

author	Kaleb S. KEITHLEY <kkeithle@redhat.com>	2014-10-22 10:25:29 -0400
committer	Kaleb KEITHLEY <kkeithle@redhat.com>	2014-10-29 10:31:40 -0700
commit	4dc4325a4c643b25fa7b670a30cf253491740d97 (patch)
tree	41a9d908b750a833f9ef03b820e48fab199ec63f /xlators/mount
parent	fe3e541ac559c975f7b27cb07834c572db1c4465 (diff)

socket: disallow CBC cipher modes

This is related to CVE-2014-3566 a.k.a. POODLE. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566 POODLE is specific to CBC cipher modes in SSLv3. Because there is no way to prevent SSLv3 fallback on a system with an unpatched version of OpenSSL, users of such systems can only be protected by disallowing CBC modes. The default cipher-mode specification in our code has been changed accordingly. cherry picked from http://review.gluster.org/#/c/8962/ BZ 1155328 Change-Id: Id38a7eb3ab55058a0ee5dda9cb4c62b49b1ab9cb BUG: 1155630 Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com> Reviewed-on: http://review.gluster.org/8967 Reviewed-by: Jeff Darcy <jdarcy@redhat.com>

Diffstat (limited to 'xlators/mount')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: