2018-10-11 13:41:48 |
Dimitri John Ledkov |
bug |
|
|
added bug |
2018-10-11 13:41:58 |
Dimitri John Ledkov |
tags |
|
bionic |
|
2018-10-11 14:18:29 |
Dimitri John Ledkov |
summary |
SRU OpenSSL 1.1.1 to 18.04 LTS |
[SRU] OpenSSL 1.1.1 to 18.04 LTS |
|
2018-10-11 14:49:06 |
Dimitri John Ledkov |
description |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3 which is expected to be rapidly adopted due to increased set of supported hashes & algoes, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Regression Potential]
* Connectivity interop is the biggest issues which will be unavoidable with introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04 |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3 which is expected to be rapidly adopted due to increased set of supported hashes & algoes, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Regression Potential]
* Connectivity interop is the biggest issues which will be unavoidable with introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473 |
|
2018-10-16 20:58:01 |
Launchpad Janitor |
openssl (Ubuntu): status |
New |
Confirmed |
|
2018-10-16 21:15:32 |
David |
bug |
|
|
added subscriber David |
2018-10-17 03:11:29 |
Rachid Achellal |
bug |
|
|
added subscriber Rachid Achellal |
2018-10-17 07:48:59 |
Jean-Daniel Dupas |
bug |
|
|
added subscriber Jean-Daniel Dupas |
2018-10-17 14:33:53 |
Simon Déziel |
bug |
|
|
added subscriber Simon Déziel |
2018-10-18 13:04:12 |
Oibaf |
bug |
|
|
added subscriber Oibaf |
2018-10-18 23:48:21 |
Colin Lemoine |
bug |
|
|
added subscriber Colin Lemoine |
2018-10-19 07:42:44 |
Marian Rainer-Harbach |
bug |
|
|
added subscriber Marian Rainer-Harbach |
2018-10-19 10:43:53 |
Tom |
bug |
|
|
added subscriber Tom |
2018-10-19 12:01:53 |
Josh Lee |
bug |
|
|
added subscriber Josh Lee |
2018-10-19 17:31:23 |
Felipe Kellermann |
bug |
|
|
added subscriber Felipe Kellermann |
2018-10-19 19:41:13 |
ash |
bug |
|
|
added subscriber Josh Holland |
2018-10-20 07:10:05 |
kPherox |
bug |
|
|
added subscriber kPherox |
2018-10-22 18:19:37 |
George Perez-Marrero |
bug |
|
|
added subscriber George Perez-Marrero |
2018-10-23 07:00:18 |
jmorahan |
bug |
|
|
added subscriber jmorahan |
2018-10-26 19:05:52 |
Thomas Ward |
bug |
|
|
added subscriber Thomas Ward |
2018-11-04 15:29:38 |
Haden Software |
bug |
|
|
added subscriber Haden Software |
2018-11-08 01:31:57 |
Ryan |
bug |
|
|
added subscriber Ryan |
2018-11-14 20:04:51 |
R B Gruwel |
bug |
|
|
added subscriber R B Gruwel |
2018-11-19 10:45:21 |
Szilárd Pfeiffer |
bug |
|
|
added subscriber Szilárd Pfeiffer |
2018-11-19 11:05:52 |
DEXTER |
bug |
|
|
added subscriber DEXTER |
2018-11-23 08:03:04 |
Zoltán Halassy |
bug |
|
|
added subscriber Zoltán Halassy |
2018-11-29 10:50:36 |
Jeremy Bícha |
bug |
|
|
added subscriber Jeremy Bicha |
2018-12-02 18:06:42 |
Julian Andres Klode |
bug |
|
|
added subscriber Julian Andres Klode |
2018-12-08 02:27:58 |
C de-Avillez |
bug |
|
|
added subscriber C de-Avillez |
2018-12-11 00:16:15 |
Dimitri John Ledkov |
description |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3 which is expected to be rapidly adopted due to increased set of supported hashes & algoes, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Regression Potential]
* Connectivity interop is the biggest issues which will be unavoidable with introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473 |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3 which is expected to be rapidly adopted due to increased set of supported hashes & algoes, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Regression Potential]
* Connectivity interop is the biggest issues which will be unavoidable with introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473 |
|
2018-12-11 00:27:31 |
George Perez-Marrero |
removed subscriber George Perez-Marrero |
|
|
|
2018-12-19 16:21:03 |
Virsacer |
bug |
|
|
added subscriber Virsacer |
2018-12-26 10:38:32 |
NetVicious |
bug |
|
|
added subscriber NetVicious |
2018-12-26 12:50:07 |
Christoph Settgast |
bug |
|
|
added subscriber Christoph Settgast |
2019-01-01 19:14:33 |
Markus Ueberall |
bug |
|
|
added subscriber Markus Ueberall |
2019-01-28 19:22:15 |
René Walendy |
bug |
|
|
added subscriber René Walendy |
2019-02-03 17:21:07 |
Marc Peña |
bug |
|
|
added subscriber Marc Peña |
2019-02-04 19:23:20 |
Bryan Quigley |
bug |
|
|
added subscriber Bryan Quigley |
2019-02-06 02:14:08 |
Richard Vézina |
bug |
|
|
added subscriber Richard Vézina |
2019-02-07 19:21:29 |
Kellen Renshaw |
bug |
|
|
added subscriber Kellen Renshaw |
2019-02-15 03:10:58 |
NJ |
bug |
|
|
added subscriber NJ |
2019-02-15 03:47:25 |
Dimitri John Ledkov |
nominated for series |
|
Ubuntu Bionic |
|
2019-02-15 03:47:25 |
Dimitri John Ledkov |
bug task added |
|
openssl (Ubuntu Bionic) |
|
2019-02-15 03:47:42 |
Dimitri John Ledkov |
bug task added |
|
libio-socket-ssl-perl (Ubuntu) |
|
2019-02-15 03:47:52 |
Dimitri John Ledkov |
bug task added |
|
libnet-ssleay-perl (Ubuntu) |
|
2019-02-15 03:47:59 |
Dimitri John Ledkov |
bug task added |
|
nova (Ubuntu) |
|
2019-02-15 03:48:07 |
Dimitri John Ledkov |
bug task added |
|
python-cryptography (Ubuntu) |
|
2019-02-15 03:48:15 |
Dimitri John Ledkov |
bug task added |
|
python2.7 (Ubuntu) |
|
2019-02-15 03:48:23 |
Dimitri John Ledkov |
bug task added |
|
python3.6 (Ubuntu) |
|
2019-02-15 03:48:30 |
Dimitri John Ledkov |
bug task added |
|
python3.7 (Ubuntu) |
|
2019-02-15 03:48:36 |
Dimitri John Ledkov |
bug task added |
|
r-cran-openssl (Ubuntu) |
|
2019-02-15 03:48:43 |
Dimitri John Ledkov |
bug task added |
|
ruby-openssl (Ubuntu) |
|
2019-02-15 03:48:50 |
Dimitri John Ledkov |
bug task added |
|
ruby2.5 (Ubuntu) |
|
2019-02-15 03:49:48 |
Dimitri John Ledkov |
description |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3 which is expected to be rapidly adopted due to increased set of supported hashes & algoes, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Regression Potential]
* Connectivity interop is the biggest issues which will be unavoidable with introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473 |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3 which is expected to be rapidly adopted due to increased set of supported hashes & algoes, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Regression Potential]
* Connectivity interop is the biggest issues which will be unavoidable with introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
* This update bundles python 3.6 and 3.7 point releases
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473 |
|
2019-02-15 03:50:01 |
Dimitri John Ledkov |
openssl (Ubuntu): status |
Confirmed |
In Progress |
|
2019-02-15 03:50:13 |
Dimitri John Ledkov |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2019-02-19 10:55:40 |
Valters Jansons |
bug |
|
|
added subscriber Valters Jansons |
2019-02-23 04:34:21 |
Alex Kennedy |
bug |
|
|
added subscriber Alex Kennedy |
2019-02-25 20:59:58 |
Frank Heimes |
bug |
|
|
added subscriber Frank Heimes |
2019-03-04 15:24:45 |
Stian Jensen |
bug |
|
|
added subscriber Stian Jensen |
2019-03-05 23:07:36 |
Tim Wegener |
bug |
|
|
added subscriber Tim Wegener |
2019-03-09 20:31:02 |
Steve Langasek |
r-cran-openssl (Ubuntu Bionic): status |
New |
Fix Committed |
|
2019-03-09 20:31:11 |
Steve Langasek |
bug |
|
|
added subscriber SRU Verification |
2019-03-09 20:31:13 |
Steve Langasek |
bug task deleted |
r-cran-openssl (Ubuntu) |
|
|
2019-03-09 20:31:23 |
Steve Langasek |
bug task deleted |
libio-socket-ssl-perl (Ubuntu) |
|
|
2019-03-09 20:31:36 |
Steve Langasek |
tags |
bionic |
bionic verification-needed verification-needed-bionic |
|
2019-03-09 20:33:06 |
Steve Langasek |
bug task deleted |
libnet-ssleay-perl (Ubuntu) |
|
|
2019-03-09 20:33:16 |
Steve Langasek |
bug task deleted |
nova (Ubuntu) |
|
|
2019-03-09 20:33:37 |
Steve Langasek |
bug task deleted |
python2.7 (Ubuntu) |
|
|
2019-03-09 20:34:21 |
Steve Langasek |
bug task deleted |
python-cryptography (Ubuntu) |
|
|
2019-03-10 00:59:51 |
Steve Langasek |
bug task deleted |
python3.6 (Ubuntu) |
|
|
2019-03-10 01:00:09 |
Steve Langasek |
bug task deleted |
python3.7 (Ubuntu) |
|
|
2019-03-10 01:00:10 |
Steve Langasek |
ruby-openssl (Ubuntu Bionic): status |
New |
Fix Committed |
|
2019-03-10 01:00:17 |
Steve Langasek |
bug task deleted |
ruby-openssl (Ubuntu) |
|
|
2019-03-10 01:00:30 |
Steve Langasek |
bug task deleted |
ruby2.5 (Ubuntu) |
|
|
2019-03-10 22:38:10 |
Dr. Uwe Meyer-Gruhl |
bug watch added |
|
http://trac.nginx.org/nginx/ticket/1529 |
|
2019-03-11 21:12:46 |
Steve Langasek |
openssl (Ubuntu Bionic): status |
New |
Incomplete |
|
2019-03-14 14:47:26 |
vvhk |
bug |
|
|
added subscriber Vlad K. |
2019-03-14 16:11:21 |
Dimitri John Ledkov |
description |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3 which is expected to be rapidly adopted due to increased set of supported hashes & algoes, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Regression Potential]
* Connectivity interop is the biggest issues which will be unavoidable with introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
* This update bundles python 3.6 and 3.7 point releases
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473 |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3 which is expected to be rapidly adopted due to increased set of supported hashes & algoes, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Regression Potential]
* Connectivity interop is the biggest issues which will be unavoidable with introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
* This update bundles python 3.6 and 3.7 point releases
* Following the change in Cosmic and up, this SRU also includes a distro patch that lowers OPENSSL_TLS_SECURITY_LEVEL from 1 to 0, to allow for establishing client->server server->client connections with lower grade security settings (e.g. sub-80bits keys, MD5/SHA1 certificate checksums, and other crap like that). This is to continue allow bionic clients to connect to servers operating with older 1.0.x based openssl, as typically clients are at no mercy to reject servers that do not have any better certs/keys/signatures. Thus potentially weak-security connections that previously would fail to establish to/from bionic, may now be accepted. Some may view this as a regression. In that case adjust openssl.cnf to a higher TLS_SECURITY_LEVEL, or use the openssl ctx APIs to set a higher TLS security level. See further comments in this bug report as to when we will be raising this LEVEL up (currently timeline is to raise to 2, in 20.04 LTS).
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473 |
|
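The description above lists three client-side mitigations for the TLS v1.3 / OpenSSL 1.1.1 interop problems: pass the hostname so SNI and verification work, clamp the client to TLS v1.2 when it cannot cope with the 1.3 handshake, and override the security level per context instead of relying on the lowered default in openssl.cnf. The following block is an added example and is not code from the bug report, from Ubuntu or from OpenSSL; it uses only the Python standard-library ssl module, the hostname example.invalid is a constructed placeholder, and it reproduces the "client doesn't set hostname" failure offline, with no network traffic, by showing that a verifying context refuses to wrap a socket without a server_hostname.

```python
"""Client-side TLS 1.3 / OpenSSL 1.1.1 interop mitigations (added example).

Not part of the Launchpad bug; only the standard-library ssl module is used.
"""
import socket
import ssl
from typing import Optional


def make_client_context(clamp_to_tls12: bool = False,
                        seclevel: Optional[int] = None) -> ssl.SSLContext:
    """Build a verifying client context.

    clamp_to_tls12: cap negotiation at TLS 1.2, the workaround the SRU text
    suggests for clients that mishandle the TLS 1.3 handshake or sessions.
    seclevel: per-context counterpart of the OPENSSL_TLS_SECURITY_LEVEL setting
    in openssl.cnf; the SRU ships level 0, level 2 rejects sub-112-bit keys
    and SHA1 certificate signatures (the mitigation the SRU text names).
    """
    ctx = ssl.create_default_context()  # CA verification and hostname check on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if clamp_to_tls12:
        ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    if seclevel is not None:
        # '@SECLEVEL=n' is understood by OpenSSL >= 1.1.0 cipher strings.
        ctx.set_ciphers(f"DEFAULT@SECLEVEL={seclevel}")
    return ctx


def wrap_without_hostname_fails(ctx: ssl.SSLContext) -> bool:
    """Reproduce the 'client does not set hostname' failure mode offline.

    With check_hostname on, Python refuses to wrap a socket that has no
    server_hostname before any byte is sent. The fix is to pass the hostname
    (which also fills in SNI), not to switch verification off.
    """
    with socket.socket() as raw:
        try:
            ctx.wrap_socket(raw)  # no server_hostname -> ValueError
        except ValueError:
            return True
    return False


def wrap_with_hostname(ctx: ssl.SSLContext, hostname: str) -> str:
    """Wrap an unconnected socket the right way and report the SNI name set."""
    with socket.socket() as raw:
        tls = ctx.wrap_socket(raw, server_hostname=hostname,
                              do_handshake_on_connect=False)
        name = tls.server_hostname
        tls.close()
        return name


def describe(ctx: ssl.SSLContext) -> dict:
    """Plain-value summary of the knobs this example touches."""
    return {
        "check_hostname": ctx.check_hostname,
        "min": ctx.minimum_version.name,
        "max": ctx.maximum_version.name,
        "ciphers": len(ctx.get_ciphers()),
    }


if __name__ == "__main__":
    for label, ctx in (("default", make_client_context()),
                       ("clamped to TLS 1.2", make_client_context(clamp_to_tls12=True)),
                       ("seclevel 2", make_client_context(seclevel=2))):
        print(label, describe(ctx))
    ctx = make_client_context()
    print("wrap without hostname rejected:", wrap_without_hostname_fails(ctx))
    print("SNI name set:", wrap_with_hostname(ctx, "example.invalid"))
```

The clamp only narrows the version range; certificate and hostname verification stay on, so it is a compatibility knob rather than a downgrade of trust. Raising the security level per context is the route the description points at for deployments that regard the distro-wide level 0 as a regression.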
2019-03-14 16:20:27 |
Dimitri John Ledkov |
openssl (Ubuntu Bionic): status |
Incomplete |
Confirmed |
|
2019-03-14 17:35:13 |
lotuspsychje |
bug |
|
|
added subscriber Ubuntu-discuss Bug team |
2019-03-21 02:21:22 |
Kevin Mark |
bug |
|
|
added subscriber Kevin Mark |
2019-03-29 08:03:05 |
Kathryn Morgan |
bug |
|
|
added subscriber Kathryn Morgan |
2019-04-01 15:50:53 |
Dimitri John Ledkov |
bug |
|
|
added subscriber Steve Langasek |
2019-04-01 15:51:11 |
Dimitri John Ledkov |
openssl (Ubuntu): assignee |
|
Steve Langasek (vorlon) |
|
2019-04-03 23:15:56 |
Steve Langasek |
openssl (Ubuntu Bionic): status |
Confirmed |
Fix Committed |
|
2019-04-03 23:27:56 |
Steve Langasek |
description |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3 which is expected to be rapidly adopted due to increased set of supported hashes & algoes, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Regression Potential]
* Connectivity interop is the biggest issues which will be unavoidable with introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
* This update bundles python 3.6 and 3.7 point releases
* Following the change in Cosmic and up, this SRU also includes a distro patch that lowers OPENSSL_TLS_SECURITY_LEVEL from 1 to 0, to allow for establishing client->server server->client connections with lower grade security settings (e.g. sub-80bits keys, MD5/SHA1 certificate checksums, and other crap like that). This is to continue allow bionic clients to connect to servers operating with older 1.0.x based openssl, as typically clients are at no mercy to reject servers that do not have any better certs/keys/signatures. Thus potentially weak-security connections that previously would fail to establish to/from bionic, may now be accepted. Some may view this as a regression. In that case adjust openssl.cnf to a higher TLS_SECURITY_LEVEL, or use the openssl ctx APIs to set a higher TLS security level. See further comments in this bug report as to when we will be raising this LEVEL up (currently timeline is to raise to 2, in 20.04 LTS).
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473 |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3 which is expected to be rapidly adopted due to increased set of supported hashes & algoes, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Regression Potential]
* Connectivity interop is the biggest issues which will be unavoidable with introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
* This update bundles python 3.6 and 3.7 point releases
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473 |
|
2019-04-04 07:15:38 |
Mathew Hodson |
bug |
|
|
added subscriber Mathew Hodson |
2019-04-04 12:12:08 |
Dimitri John Ledkov |
description |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3 which is expected to be rapidly adopted due to increased set of supported hashes & algoes, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Regression Potential]
* Connectivity interop is the biggest issues which will be unavoidable with introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
* This update bundles python 3.6 and 3.7 point releases
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473 |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3 which is expected to be rapidly adopted due to increased set of supported hashes & algoes, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Test cases for the python updates]
python3.7 is a preview in bionic as a non-supported/non-default
version of python3. Passing its own autopkgtests is sufficient
validation for python3.7. It includes a point release update, with
OpenSSL 1.1.1 compat and features.
python3.6 not only has OpenSSL 1.1.1 compat and features patches, but
also includes a point release update to 3.6.8. It has been part of the
full-archive rebuild and regression analysis. Autopkgtests were
triggered for python3.6 and python3-defaults with regressions already
fixed in the individual packages as appropriate.
python2.7 has the update from .15~rc1 to .15 final, with OpenSSL 1.1.1
compat only. It has been part of the full-archive rebuild and
regression analysis. Autopkgtests were triggered for python2.7 and
python-defaults with regressions already fixed in the individual
packages as appropriate.
[Regression Potential]
* Connectivity interop is the biggest issue, which will be unavoidable when introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
* This update bundles python 3.6 and 3.7 point releases
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473
[Autopkgtest Regressions]
dovecot/armhf - flaky
libnet-ssleay-perl - awaiting sru accept into proposed of
libnet-ssleay-perl and libio-socket-ssl-perl due to fixes and
versioned breaks.
linux* - rebuild test cases pass (for some edge flavours the build
fails in non-ssl portions of the build), ubuntu-regression-suite
testcase fails for a few variants but should have been skipped (in
progress to be fixed in
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823056)
openvswitch/i386 - extremely flaky, mostly errors out or fails |
|
2019-04-05 08:16:37 |
EOLE team |
bug task added |
|
salt (Ubuntu) |
|
2019-04-05 08:58:57 |
rattenfanger |
bug |
|
|
added subscriber rattenfanger |
2019-04-05 14:51:45 |
Dimitri John Ledkov |
bug task deleted |
salt (Ubuntu) |
|
|
2019-04-05 14:51:51 |
Dimitri John Ledkov |
bug task deleted |
salt (Ubuntu Bionic) |
|
|
2019-04-05 17:37:15 |
Dimitri John Ledkov |
description |
(old value: identical to the description recorded above) |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3, which is expected to be rapidly adopted due to an increased set of supported hashes & algorithms, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Test cases for the python updates]
python3.7 is a preview in bionic as a non-supported/non-default
version of python3. Passing its own autopkgtests is sufficient
validation for python3.7. It includes a point release update, with
OpenSSL 1.1.1 compat and features.
python3.6 not only has OpenSSL 1.1.1 compat and features patches, but
also includes a point release update to 3.6.8. It has been part of the
full-archive rebuild and regression analysis. Autopkgtests were
triggered for python3.6 and python3-defaults with regressions already
fixed in the individual packages as appropriate.
python2.7 has the update from .15~rc1 to .15 final, with OpenSSL 1.1.1
compat only. It has been part of the full-archive rebuild and
regression analysis. Autopkgtests were triggered for python2.7 and
python-defaults with regressions already fixed in the individual
packages as appropriate.
The archive rebuilds done were cumulative with OpenJDK 11, OpenSSL 1.1.1 and python point releases as seen in:
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-bionic.html
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-test-bionic.html
And analyzed in
https://docs.google.com/spreadsheets/d/1tMIwlwoHH_1h5sbvUbNac6-HIPKi3e0Xr8ebchIOU1A/edit#gid=147857652
[Regression Potential]
* Connectivity interop is the biggest issue, which will be unavoidable when introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
* This update bundles python 3.6 and 3.7 point releases
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473
[Autopkgtest Regressions]
dovecot/armhf - flaky
libnet-ssleay-perl - awaiting sru accept into proposed of
libnet-ssleay-perl and libio-socket-ssl-perl due to fixes and
versioned breaks.
linux* - rebuild test cases pass (for some edge flavours the build
fails in non-ssl portions of the build), ubuntu-regression-suite
testcase fails for a few variants but should have been skipped (in
progress to be fixed in
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823056)
openvswitch/i386 - extremely flaky, mostly errors out or fails |
|
2019-04-05 21:07:34 |
Steve Langasek |
bug task added |
|
libnet-ssleay-perl (Ubuntu) |
|
2019-04-05 21:07:49 |
Steve Langasek |
bug task deleted |
libnet-ssleay-perl (Ubuntu) |
|
|
2019-04-05 21:08:28 |
Steve Langasek |
libnet-ssleay-perl (Ubuntu Bionic): status |
New |
Incomplete |
|
2019-04-17 13:33:30 |
Marco Davids |
bug |
|
|
added subscriber Marco Davids |
2019-04-19 17:41:34 |
Michael Iatrou |
bug |
|
|
added subscriber Michael Iatrou |
2019-04-23 15:35:34 |
James Gregory-Monk |
bug |
|
|
added subscriber James Gregory-Monk |
2019-04-23 18:48:30 |
Steve Langasek |
python2.7 (Ubuntu Bionic): status |
New |
Fix Committed |
|
2019-04-23 18:55:59 |
Steve Langasek |
python3.6 (Ubuntu Bionic): status |
New |
Fix Committed |
|
2019-04-23 19:29:52 |
Steve Langasek |
python-cryptography (Ubuntu Bionic): status |
New |
Fix Committed |
|
2019-04-23 20:43:02 |
Steve Langasek |
bug watch added |
|
https://github.com/openssl/openssl/issues/3665 |
|
2019-04-23 20:43:02 |
Steve Langasek |
libio-socket-ssl-perl (Ubuntu Bionic): status |
New |
Incomplete |
|
2019-04-23 22:33:08 |
Steve Langasek |
python3.7 (Ubuntu Bionic): status |
New |
Fix Committed |
|
2019-04-24 07:22:19 |
Virsacer |
removed subscriber Virsacer |
|
|
|
2019-04-24 07:22:31 |
Virsacer |
bug |
|
|
added subscriber Virsacer |
2019-04-24 12:45:28 |
Andreas Hasenack |
bug |
|
|
added subscriber Andreas Hasenack |
2019-04-26 04:36:44 |
Mathew Hodson |
removed subscriber Mathew Hodson |
|
|
|
2019-04-26 04:36:54 |
Mathew Hodson |
openssl (Ubuntu): status |
In Progress |
Fix Released |
|
2019-04-26 04:37:14 |
Mathew Hodson |
bug |
|
|
added subscriber Mathew Hodson |
2019-04-28 14:36:02 |
Launchpad Janitor |
nova (Ubuntu Bionic): status |
New |
Confirmed |
|
2019-04-28 14:36:02 |
Launchpad Janitor |
ruby2.5 (Ubuntu Bionic): status |
New |
Confirmed |
|
2019-04-29 10:41:22 |
Gianfranco Costamagna |
bug task added |
|
python-tornado (Ubuntu) |
|
2019-04-30 09:20:06 |
Launchpad Janitor |
python-tornado (Ubuntu): status |
New |
Confirmed |
|
2019-05-07 09:00:12 |
Dimitri John Ledkov |
bug task deleted |
nova (Ubuntu Bionic) |
|
|
2019-05-07 10:37:00 |
NJ |
removed subscriber NJ |
|
|
|
2019-05-07 14:52:45 |
Dimitri John Ledkov |
description |
(old value: identical to the description recorded above) |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3, which is expected to be rapidly adopted due to an increased set of supported hashes & algorithms, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Test cases for the python updates]
python3.7 is a preview in bionic as a non-supported/non-default
version of python3. Passing its own autopkgtests is sufficient
validation for python3.7. It includes a point release update, with
OpenSSL 1.1.1 compat and features.
python3.6 not only has OpenSSL 1.1.1 compat and features patches, but
also includes a point release update to 3.6.8. It has been part of the
full-archive rebuild and regression analysis. Autopkgtests were
triggered for python3.6 and python3-defaults with regressions already
fixed in the individual packages as appropriate.
python2.7 has the update from .15~rc1 to .15 final, with OpenSSL 1.1.1
compat only. It has been part of the full-archive rebuild and
regression analysis. Autopkgtests were triggered for python2.7 and
python-defaults with regressions already fixed in the individual
packages as appropriate.
The archive rebuilds done were cumulative with OpenJDK 11, OpenSSL 1.1.1 and python point releases as seen in:
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-bionic.html
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-test-bionic.html
And analyzed in
https://docs.google.com/spreadsheets/d/1tMIwlwoHH_1h5sbvUbNac6-HIPKi3e0Xr8ebchIOU1A/edit#gid=147857652
[Regression Potential]
* Connectivity interop is the biggest issue, which will be unavoidable when introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
- non-application data records. TLSv1.3 sends more of these when compared with previous versions, and some applications may not handle this correctly, resulting in application data not being available when previously expected. Mitigations for these involve disabling/enabling SSL_MODE_AUTO_RETRY or setting the max protocol version to TLSv1.2. For example, see the discussion identified in the perl stack: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
Similar hangs are possible with prior versions of TLS as well; it is, however, easier to trigger this with TLSv1.3.
* This update bundles python 3.6 and 3.7 point releases
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473
[Autopkgtest Regressions]
dovecot/armhf - flaky
libnet-ssleay-perl - awaiting sru accept into proposed of
libnet-ssleay-perl and libio-socket-ssl-perl due to fixes and
versioned breaks.
linux* - rebuild test cases pass (for some edge flavours the build
fails in non-ssl portions of the build), ubuntu-regression-suite
testcase fails for a few variants but should have been skipped (in
progress to be fixed in
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823056)
openvswitch/i386 - extremely flaky, mostly errors out or fails |
|
2019-05-08 07:55:26 |
Tim Wegener |
bug watch added |
|
https://github.com/openssl/openssl/issues/8055 |
|
2019-05-14 12:09:59 |
Jean-Daniel Dupas |
information type |
Public |
Public Security |
|
2019-05-14 13:55:22 |
Marc Deslauriers |
information type |
Public Security |
Public |
|
2019-05-21 09:13:01 |
Dimitri John Ledkov |
description |
(old value: identical to the description recorded above) |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3, which is expected to be rapidly adopted due to an increased set of supported hashes & algorithms, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Test cases for the python updates]
python3.7 is a preview in bionic as a non-supported/non-default
version of python3. Passing its own autopkgtests is sufficient
validation for python3.7. It includes a point release update, with
OpenSSL 1.1.1 compat and features.
python3.6 not only has OpenSSL 1.1.1 compat and features patches, but
also includes a point release update to 3.6.8. It has been part of the
full-archive rebuild and regression analysis. Autopkgtests were
triggered for python3.6 and python3-defaults with regressions already
fixed in the individual packages as appropriate.
python2.7 has the update from .15~rc1 to .15 final, with OpenSSL 1.1.1
compat only. It has been part of the full-archive rebuild and
regression analysis. Autopkgtests were triggered for python2.7 and
python-defaults with regressions already fixed in the individual
packages as appropriate.
The archive rebuilds done were cumulative with OpenJDK 11, OpenSSL 1.1.1 and python point releases as seen in:
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-bionic.html
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-test-bionic.html
And analyzed in
https://docs.google.com/spreadsheets/d/1tMIwlwoHH_1h5sbvUbNac6-HIPKi3e0Xr8ebchIOU1A/edit#gid=147857652
[Regression Potential]
* Connectivity interop is the biggest issue, which will be unavoidable when introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
- non-application data records. TLSv1.3 sends more of these when compared with previous versions, and some applications may not handle this correctly, resulting in application data not being available when previously expected. Mitigations for these involve disabling/enabling SSL_MODE_AUTO_RETRY or setting the max protocol version to TLSv1.2. For example, see the discussion identified in the perl stack: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
Similar hangs are possible with prior versions of TLS as well; it is, however, easier to trigger this with TLSv1.3.
* The deprecated NPN extension does not exist in the TLSv1.3 implementation.
* This update bundles python 3.6 and 3.7 point releases
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473
[Autopkgtest Regressions]
dovecot/armhf - flaky
libnet-ssleay-perl - awaiting sru accept into proposed of
libnet-ssleay-perl and libio-socket-ssl-perl due to fixes and
versioned breaks.
linux* - rebuild test cases pass (for some edge flavours the build
fails in non-ssl portions of the build), ubuntu-regression-suite
testcase fails for a few variants but should have been skipped (in
progress to be fixed in
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823056)
openvswitch/i386 - extremely flaky, mostly errors out or fails |
|
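The SNI-hostname item and the TLSv1.2 clamp-down mitigation from the regression list in the description above, shown as an added example that is not part of the bug record or of the OpenSSL/python packages; it uses only Python's standard-library ssl module (the python3.6/3.7 builds this SRU ships link against OpenSSL 1.1.1), and the hostname example.invalid is a constructed placeholder:

```python
"""Added example (not from the bug record): a verifying TLS client context
that avoids two of the TLSv1.3 interop failures listed in the SRU
description, using only the standard-library ssl module.

1. "client verifies SNI ... yet client doesn't set hostname": with
   check_hostname enabled, wrap_socket() refuses to proceed unless the
   caller passes server_hostname, so the omission fails at wrap time
   instead of surfacing as a verification error mid-handshake.
2. "clamp down the client to TLSv1.2": the fallback mitigation the
   description names, expressed as maximum_version on the context.

The SSL_MODE_AUTO_RETRY item is an OpenSSL C-level mode that this module
does not expose as a public setting, so it is not covered here.
"""
import socket
import ssl


def make_client_context(clamp_to_tls12: bool = False) -> ssl.SSLContext:
    """Build a client context that requires a valid, name-matching cert.

    clamp_to_tls12=True caps negotiation at TLSv1.2 for peers or
    applications that cannot yet cope with TLSv1.3 (different session
    handling, extra non-application-data records).
    """
    ctx = ssl.create_default_context()
    # create_default_context() already sets these; restate them so a later
    # edit cannot silently weaken verification.
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    if clamp_to_tls12:
        ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def max_version_name(ctx: ssl.SSLContext) -> str:
    """Name of the highest protocol version the context will negotiate."""
    return ctx.maximum_version.name


def bound_server_hostname(ctx: ssl.SSLContext, hostname: str) -> str:
    """Wrap a fresh, unconnected socket with server_hostname set and report
    the name it was bound to.

    server_hostname does double duty: it is sent as SNI and it is the name
    the peer certificate is verified against. No network I/O happens here
    because the socket is never connected.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as raw:
        tls = ctx.wrap_socket(raw, server_hostname=hostname)
        try:
            return tls.server_hostname
        finally:
            tls.close()


def hostname_omitted_is_rejected(ctx: ssl.SSLContext) -> bool:
    """True if wrapping without server_hostname fails before any I/O.

    This is the defensive property we want: a client that forgot to set the
    hostname fails loudly here rather than negotiating TLSv1.3 and then
    tripping over SNI/hostname verification.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as raw:
        try:
            ctx.wrap_socket(raw)  # no server_hostname, on purpose
        except ValueError:
            return True
    return False


if __name__ == "__main__":
    strict = make_client_context()
    clamped = make_client_context(clamp_to_tls12=True)
    print("default max version:", max_version_name(strict))
    print("clamped max version:", max_version_name(clamped))
    print("missing hostname rejected:", hostname_omitted_is_rejected(strict))
    # "example.invalid" is a constructed placeholder name.
    print("bound to:", bound_server_hostname(strict, "example.invalid"))
```

Only the clamped context should be deployed where a peer is known to mishandle TLSv1.3; the strict one is the default to keep, since the clamp gives up the TLSv1.3 handshake improvements the description lists.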
2019-05-24 00:32:32 |
Mathew Hodson |
bug watch removed |
https://github.com/openssl/openssl/issues/8055 |
|
|
2019-05-24 00:41:14 |
Mathew Hodson |
bug watch removed |
https://github.com/openssl/openssl/issues/3665 |
|
|
2019-05-24 01:08:58 |
Mathew Hodson |
bug watch removed |
http://trac.nginx.org/nginx/ticket/1529 |
|
|
2019-05-25 05:43:36 |
Steve Langasek |
ruby2.5 (Ubuntu Bionic): status |
Confirmed |
Fix Committed |
|
2019-05-27 22:42:36 |
Roger Preece |
bug |
|
|
added subscriber Roger Preece |
2019-05-28 08:38:45 |
Sam |
bug |
|
|
added subscriber Sam |
2019-05-28 14:40:29 |
Björn |
bug |
|
|
added subscriber Björn Michael |
2019-05-29 09:08:54 |
Dimitri John Ledkov |
bug task added |
|
libwww-perl (Ubuntu) |
|
2019-05-29 10:18:56 |
Dimitri John Ledkov |
python-tornado (Ubuntu): status |
Confirmed |
In Progress |
|
2019-05-29 18:01:22 |
Steve Langasek |
libwww-perl (Ubuntu): status |
New |
Incomplete |
|
2019-05-30 12:48:52 |
Dimitri John Ledkov |
description |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3 which is expected to be rapidly adopted due to increased set of supported hashes & algoes, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Test cases for the python updates]
python3.7 is a preview in bionic as a non-supported/non-default
version of python3. Passing it's own autopkgtests is sufficient
validation for python3.7. It includes a point release update, with
OpenSSL 1.1.1 compat and features.
python3.6 not only has OpenSSL 1.1.1 compat and features patches, but
also includes a point release update to 3.6.8. It has been part of the
full-archive rebuild and regression analysis. Autopkgtests were
triggered for python3.6 and python3-defaults with regressions already
fixed in the individual packages as appropriate.
python2.7 has the update from .15~rc1 to .15 final, with OpenSSL 1.1.1
compat only. It has been part of the full-archive rebuild and
regression analysis. Autopkgtests were triggered for python2.7 and
python-defaults with regressions already fixed in the individual
packages as appropriate.
The archive rebuilds done were cumulative with OpenJDK 11, OpenSSL 1.1.1 and python point releases as seen in:
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-bionic.html
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-test-bionic.html
And analyzed in
https://docs.google.com/spreadsheets/d/1tMIwlwoHH_1h5sbvUbNac6-HIPKi3e0Xr8ebchIOU1A/edit#gid=147857652
[Regression Potential]
* Connectivity interop is the biggest issue, which will be unavoidable when introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
- non-application data records. TLSv1.3 sends more of these when compared with previous versions, and some applications may not handle this correctly, resulting in application data not being available when previously expected. Mitigations for these involve disabling/enabling SSL_MODE_AUTO_RETRY or setting the max protocol version to TLSv1.2. For example, see the discussion identified in the perl stack https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
Similar hangs are possible with prior versions of TLS as well; it is, however, easier to trigger this with TLSv1.3.
* Deprecated npn extension does not exist in TLSv1.3 implementation.
* This update bundles python 3.6 and 3.7 point releases
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473
[Autopkgtest Regressions]
dovecot/armhf - flakey
libnet-ssleay-perl - awaiting sru accept into proposed of
libnet-ssleay-perl and libio-socket-ssl-perl due to fixes and
versioned breaks.
linux* - rebuild testcases pass (for some edge flavours the build
fails in non-ssl portions of the build), ubuntu-regression-suite
testcase fails for a few variants but should have been skipped (in
progress to be fixed in
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823056)
openvswitch/i386 - extremely flakey, errors out or fails mostly |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than the 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3, which is expected to be rapidly adopted due to an increased set of supported hashes & algorithms, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Test cases for the python updates]
python3.7 is a preview in bionic as a non-supported/non-default
version of python3. Passing its own autopkgtests is sufficient
validation for python3.7. It includes a point release update, with
OpenSSL 1.1.1 compat and features.
python3.6 not only has OpenSSL 1.1.1 compat and features patches, but
also includes a point release update to 3.6.8. It has been part of the
full-archive rebuild and regression analysis. Autopkgtests were
triggered for python3.6 and python3-defaults with regressions already
fixed in the individual packages as appropriate.
python2.7 has the update from .15~rc1 to .15 final, with OpenSSL 1.1.1
compat only. It has been part of the full-archive rebuild and
regression analysis. Autopkgtests were triggered for python2.7 and
python-defaults with regressions already fixed in the individual
packages as appropriate.
The archive rebuilds done were cumulative with OpenJDK 11, OpenSSL 1.1.1 and python point releases as seen in:
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-bionic.html
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-test-bionic.html
And analyzed in
https://docs.google.com/spreadsheets/d/1tMIwlwoHH_1h5sbvUbNac6-HIPKi3e0Xr8ebchIOU1A/edit#gid=147857652
[ Test case libwww-perl (and deps) regression ]
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
apt install liblwp-protocol-https-perl libio-socket-ssl-perl libnet-ssleay-perl
perl -MLWP::UserAgent -e 'LWP::UserAgent->new->post("https://facebook.com", { data => "foo" }) or die'
[Regression Potential]
* Connectivity interop is the biggest issue, which will be unavoidable when introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
- non-application data records. TLSv1.3 sends more of these when compared with previous versions, and some applications may not handle this correctly, resulting in application data not being available when previously expected. Mitigations for these involve disabling/enabling SSL_MODE_AUTO_RETRY or setting the max protocol version to TLSv1.2. For example, see the discussion identified in the perl stack https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
Similar hangs are possible with prior versions of TLS as well; it is, however, easier to trigger this with TLSv1.3.
* Deprecated npn extension does not exist in TLSv1.3 implementation.
* This update bundles python 3.6 and 3.7 point releases
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473
[Autopkgtest Regressions]
dovecot/armhf - flakey
libnet-ssleay-perl - awaiting sru accept into proposed of
libnet-ssleay-perl and libio-socket-ssl-perl due to fixes and
versioned breaks.
linux* - rebuild testcases pass (for some edge flavours the build
fails in non-ssl portions of the build), ubuntu-regression-suite
testcase fails for a few variants but should have been skipped (in
progress to be fixed in
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823056)
openvswitch/i386 - extremely flakey, errors out or fails mostly |
|
2019-05-30 12:49:53 |
Dimitri John Ledkov |
libnet-ssleay-perl (Ubuntu Bionic): status |
Incomplete |
In Progress |
|
2019-05-30 12:50:03 |
Dimitri John Ledkov |
libio-socket-ssl-perl (Ubuntu Bionic): status |
Incomplete |
In Progress |
|
2019-05-30 12:50:33 |
Dimitri John Ledkov |
libwww-perl (Ubuntu): status |
Incomplete |
In Progress |
|
2019-05-30 14:57:46 |
Steve Langasek |
description |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than the 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3, which is expected to be rapidly adopted due to an increased set of supported hashes & algorithms, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Test cases for the python updates]
python3.7 is a preview in bionic as a non-supported/non-default
version of python3. Passing its own autopkgtests is sufficient
validation for python3.7. It includes a point release update, with
OpenSSL 1.1.1 compat and features.
python3.6 not only has OpenSSL 1.1.1 compat and features patches, but
also includes a point release update to 3.6.8. It has been part of the
full-archive rebuild and regression analysis. Autopkgtests were
triggered for python3.6 and python3-defaults with regressions already
fixed in the individual packages as appropriate.
python2.7 has the update from .15~rc1 to .15 final, with OpenSSL 1.1.1
compat only. It has been part of the full-archive rebuild and
regression analysis. Autopkgtests were triggered for python2.7 and
python-defaults with regressions already fixed in the individual
packages as appropriate.
The archive rebuilds done were cumulative with OpenJDK 11, OpenSSL 1.1.1 and python point releases as seen in:
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-bionic.html
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-test-bionic.html
And analyzed in
https://docs.google.com/spreadsheets/d/1tMIwlwoHH_1h5sbvUbNac6-HIPKi3e0Xr8ebchIOU1A/edit#gid=147857652
[ Test case libwww-perl (and deps) regression ]
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
apt install liblwp-protocol-https-perl libio-socket-ssl-perl libnet-ssleay-perl
perl -MLWP::UserAgent -e 'LWP::UserAgent->new->post("https://facebook.com", { data => "foo" }) or die'
[Regression Potential]
* Connectivity interop is the biggest issue, which will be unavoidable when introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
- non-application data records. TLSv1.3 sends more of these when compared with previous versions, and some applications may not handle this correctly, resulting in application data not being available when previously expected. Mitigations for these involve disabling/enabling SSL_MODE_AUTO_RETRY or setting the max protocol version to TLSv1.2. For example, see the discussion identified in the perl stack https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
Similar hangs are possible with prior versions of TLS as well; it is, however, easier to trigger this with TLSv1.3.
* Deprecated npn extension does not exist in TLSv1.3 implementation.
* This update bundles python 3.6 and 3.7 point releases
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473
[Autopkgtest Regressions]
dovecot/armhf - flakey
libnet-ssleay-perl - awaiting sru accept into proposed of
libnet-ssleay-perl and libio-socket-ssl-perl due to fixes and
versioned breaks.
linux* - rebuild testcases pass (for some edge flavours the build
fails in non-ssl portions of the build), ubuntu-regression-suite
testcase fails for a few variants but should have been skipped (in
progress to be fixed in
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823056)
openvswitch/i386 - extremely flakey, errors out or fails mostly |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than the 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3, which is expected to be rapidly adopted due to an increased set of supported hashes & algorithms, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Test cases for the python updates]
python3.7 is a preview in bionic as a non-supported/non-default
version of python3. Passing its own autopkgtests is sufficient
validation for python3.7. It includes a point release update, with
OpenSSL 1.1.1 compat and features.
python3.6 not only has OpenSSL 1.1.1 compat and features patches, but
also includes a point release update to 3.6.8. It has been part of the
full-archive rebuild and regression analysis. Autopkgtests were
triggered for python3.6 and python3-defaults with regressions already
fixed in the individual packages as appropriate.
python2.7 has the update from .15~rc1 to .15 final, with OpenSSL 1.1.1
compat only. It has been part of the full-archive rebuild and
regression analysis. Autopkgtests were triggered for python2.7 and
python-defaults with regressions already fixed in the individual
packages as appropriate.
The archive rebuilds done were cumulative with OpenJDK 11, OpenSSL 1.1.1 and python point releases as seen in:
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-bionic.html
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-test-bionic.html
And analyzed in
https://docs.google.com/spreadsheets/d/1tMIwlwoHH_1h5sbvUbNac6-HIPKi3e0Xr8ebchIOU1A/edit#gid=147857652
[ Test case libwww-perl (and deps) regression ]
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
1. apt install liblwp-protocol-https-perl
2. enable -proposed
3. apt install libio-socket-ssl-perl libnet-ssleay-perl
4. perl -MLWP::UserAgent -e 'LWP::UserAgent->new->post("https://facebook.com", { data => "foo" }) or die'
[Regression Potential]
* Connectivity interop is the biggest issue, which will be unavoidable when introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
- non-application data records. TLSv1.3 sends more of these when compared with previous versions, and some applications may not handle this correctly, resulting in application data not being available when previously expected. Mitigations for these involve disabling/enabling SSL_MODE_AUTO_RETRY or setting the max protocol version to TLSv1.2. For example, see the discussion identified in the perl stack https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
Similar hangs are possible with prior versions of TLS as well; it is, however, easier to trigger this with TLSv1.3.
* Deprecated npn extension does not exist in TLSv1.3 implementation.
* This update bundles python 3.6 and 3.7 point releases
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473
[Autopkgtest Regressions]
dovecot/armhf - flakey
libnet-ssleay-perl - awaiting sru accept into proposed of
libnet-ssleay-perl and libio-socket-ssl-perl due to fixes and
versioned breaks.
linux* - rebuild testcases pass (for some edge flavours the build
fails in non-ssl portions of the build), ubuntu-regression-suite
testcase fails for a few variants but should have been skipped (in
progress to be fixed in
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823056)
openvswitch/i386 - extremely flakey, errors out or fails mostly |
|
2019-05-30 15:00:37 |
Steve Langasek |
libwww-perl (Ubuntu Bionic): status |
New |
Fix Committed |
|
2019-05-30 15:01:34 |
Steve Langasek |
libwww-perl (Ubuntu): status |
In Progress |
Fix Released |
|
2019-05-30 15:12:21 |
Steve Langasek |
libio-socket-ssl-perl (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
2019-05-30 17:27:00 |
Steve Langasek |
description |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than the 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3, which is expected to be rapidly adopted due to an increased set of supported hashes & algorithms, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Test cases for the python updates]
python3.7 is a preview in bionic as a non-supported/non-default
version of python3. Passing its own autopkgtests is sufficient
validation for python3.7. It includes a point release update, with
OpenSSL 1.1.1 compat and features.
python3.6 not only has OpenSSL 1.1.1 compat and features patches, but
also includes a point release update to 3.6.8. It has been part of the
full-archive rebuild and regression analysis. Autopkgtests were
triggered for python3.6 and python3-defaults with regressions already
fixed in the individual packages as appropriate.
python2.7 has the update from .15~rc1 to .15 final, with OpenSSL 1.1.1
compat only. It has been part of the full-archive rebuild and
regression analysis. Autopkgtests were triggered for python2.7 and
python-defaults with regressions already fixed in the individual
packages as appropriate.
The archive rebuilds done were cumulative with OpenJDK 11, OpenSSL 1.1.1 and python point releases as seen in:
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-bionic.html
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-test-bionic.html
And analyzed in
https://docs.google.com/spreadsheets/d/1tMIwlwoHH_1h5sbvUbNac6-HIPKi3e0Xr8ebchIOU1A/edit#gid=147857652
[ Test case libwww-perl (and deps) regression ]
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
1. apt install liblwp-protocol-https-perl
2. enable -proposed
3. apt install libio-socket-ssl-perl libnet-ssleay-perl
4. perl -MLWP::UserAgent -e 'LWP::UserAgent->new->post("https://facebook.com", { data => "foo" }) or die'
[Regression Potential]
* Connectivity interop is the biggest issue, which will be unavoidable when introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
- non-application data records. TLSv1.3 sends more of these when compared with previous versions, and some applications may not handle this correctly, resulting in application data not being available when previously expected. Mitigations for these involve disabling/enabling SSL_MODE_AUTO_RETRY or setting the max protocol version to TLSv1.2. For example, see the discussion identified in the perl stack https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
Similar hangs are possible with prior versions of TLS as well; it is, however, easier to trigger this with TLSv1.3.
* Deprecated npn extension does not exist in TLSv1.3 implementation.
* This update bundles python 3.6 and 3.7 point releases
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473
[Autopkgtest Regressions]
dovecot/armhf - flakey
libnet-ssleay-perl - awaiting sru accept into proposed of
libnet-ssleay-perl and libio-socket-ssl-perl due to fixes and
versioned breaks.
linux* - rebuild testcases pass (for some edge flavours the build
fails in non-ssl portions of the build), ubuntu-regression-suite
testcase fails for a few variants but should have been skipped (in
progress to be fixed in
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823056)
openvswitch/i386 - extremely flakey, errors out or fails mostly |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than the 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3, which is expected to be rapidly adopted due to an increased set of supported hashes & algorithms, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Test cases for the python updates]
python3.7 is a preview in bionic as a non-supported/non-default
version of python3. Passing its own autopkgtests is sufficient
validation for python3.7. It includes a point release update, with
OpenSSL 1.1.1 compat and features.
python3.6 not only has OpenSSL 1.1.1 compat and features patches, but
also includes a point release update to 3.6.8. It has been part of the
full-archive rebuild and regression analysis. Autopkgtests were
triggered for python3.6 and python3-defaults with regressions already
fixed in the individual packages as appropriate.
python2.7 has the update from .15~rc1 to .15 final, with OpenSSL 1.1.1
compat only. It has been part of the full-archive rebuild and
regression analysis. Autopkgtests were triggered for python2.7 and
python-defaults with regressions already fixed in the individual
packages as appropriate.
The archive rebuilds done were cumulative with OpenJDK 11, OpenSSL 1.1.1 and python point releases as seen in:
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-bionic.html
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-test-bionic.html
And analyzed in
https://docs.google.com/spreadsheets/d/1tMIwlwoHH_1h5sbvUbNac6-HIPKi3e0Xr8ebchIOU1A/edit#gid=147857652
[ Test case libwww-perl (and deps) regression ]
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
1. apt install liblwp-protocol-https-perl
2. enable -proposed
3. apt install libio-socket-ssl-perl libnet-ssleay-perl
4. perl -MLWP::UserAgent -e 'LWP::UserAgent->new->post("https://facebook.com", { data => "foo" }) or die'
[Regression Potential]
* Connectivity interop is the biggest issue, which will be unavoidable when introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
- non-application data records. TLSv1.3 sends more of these when compared with previous versions, and some applications may not handle this correctly, resulting in application data not being available when previously expected. Mitigations for these involve disabling/enabling SSL_MODE_AUTO_RETRY or setting the max protocol version to TLSv1.2. For example, see the discussion identified in the perl stack https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
Similar hangs are possible with prior versions of TLS as well; it is, however, easier to trigger this with TLSv1.3.
* Deprecated npn extension does not exist in TLSv1.3 implementation.
* This update bundles python 3.6 and 3.7 point releases
* libnet-ssleay-perl introduces two API changes which carry some risk of regression to consuming applications. The risk is considered small.
- Servers implemented in perl may now raise SIGPIPE in the event of a premature client disconnection. This may be a behavior change in openssl itself but has only been noticed in the libnet-ssleay-perl tests. This may represent a DoS attack against any third-party TLS-using servers implemented in perl if they do not already handle SIGPIPE gracefully.
- The behavior of SSLeay::read() and SSLeay::write() has been changed to NOT retry on short reads/short writes, leading to the perl API more closely matching the C API. There are new ssl_read_all() / ssl_write_all() calls for applications which want the previous behavior.
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473
[Autopkgtest Regressions]
dovecot/armhf - flakey
libnet-ssleay-perl - awaiting sru accept into proposed of
libnet-ssleay-perl and libio-socket-ssl-perl due to fixes and
versioned breaks.
linux* - rebuild testcases pass (for some edge flavours the build
fails in non-ssl portions of the build), ubuntu-regression-suite
testcase fails for a few variants but should have been skipped (in
progress to be fixed in
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823056)
openvswitch/i386 - extremely flakey, errors out or fails mostly |
|
2019-05-30 21:22:00 |
Sam |
removed subscriber Sam |
|
|
|
2019-05-30 21:22:37 |
Sam |
bug |
|
|
added subscriber Sam |
2019-05-31 06:51:50 |
Łukasz Zemczak |
tags |
bionic verification-needed verification-needed-bionic |
bionic verification-failed-bionic verification-needed |
|
2019-05-31 07:03:07 |
Łukasz Zemczak |
libnet-ssleay-perl (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
2019-05-31 07:03:38 |
Łukasz Zemczak |
tags |
bionic verification-failed-bionic verification-needed |
bionic verification-needed verification-needed-bionic |
|
2019-05-31 07:11:43 |
Virsacer |
removed subscriber Virsacer |
|
|
|
2019-05-31 12:54:12 |
David |
removed subscriber David |
|
|
|
2019-06-10 10:25:30 |
Chris |
bug |
|
|
added subscriber Chris |
2019-06-10 15:56:11 |
Dimitri John Ledkov |
tags |
bionic verification-needed verification-needed-bionic |
bionic verification-done verification-done-bionic |
|
2019-06-10 16:03:45 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2019-06-10 16:04:11 |
Launchpad Janitor |
r-cran-openssl (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2019-06-10 16:04:16 |
Launchpad Janitor |
ruby-openssl (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2019-06-10 16:04:16 |
Launchpad Janitor |
cve linked |
|
2018-16395 |
|
2019-06-10 16:04:19 |
Launchpad Janitor |
openssl (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2019-06-10 16:04:19 |
Launchpad Janitor |
cve linked |
|
2018-0732 |
|
2019-06-10 16:04:19 |
Launchpad Janitor |
cve linked |
|
2018-0734 |
|
2019-06-10 16:04:19 |
Launchpad Janitor |
cve linked |
|
2018-0735 |
|
2019-06-10 16:04:19 |
Launchpad Janitor |
cve linked |
|
2018-0737 |
|
2019-06-10 16:04:25 |
Launchpad Janitor |
python2.7 (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2019-06-10 16:04:29 |
Launchpad Janitor |
python3.6 (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2019-06-10 16:04:34 |
Launchpad Janitor |
python-cryptography (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2019-06-10 16:04:38 |
Launchpad Janitor |
python3.7 (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2019-06-10 16:04:44 |
Launchpad Janitor |
ruby2.5 (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2019-06-10 16:04:48 |
Launchpad Janitor |
libwww-perl (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2019-06-10 16:04:52 |
Launchpad Janitor |
libio-socket-ssl-perl (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2019-06-10 16:04:55 |
Launchpad Janitor |
libnet-ssleay-perl (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2019-06-10 18:29:04 |
Steve Langasek |
description |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3 which is expected to be rapidly adopted due to increased set of supported hashes & algos, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Test cases for the python updates]
python3.7 is a preview in bionic as a non-supported/non-default
version of python3. Passing its own autopkgtests is sufficient
validation for python3.7. It includes a point release update, with
OpenSSL 1.1.1 compat and features.
python3.6 not only has OpenSSL 1.1.1 compat and features patches, but
also includes a point release update to 3.6.8. It has been part of the
full-archive rebuild and regression analysis. Autopkgtests were
triggered for python3.6 and python3-defaults with regressions already
fixed in the individual packages as appropriate.
python2.7 has the update from .15~rc1 to .15 final, with OpenSSL 1.1.1
compat only. It has been part of the full-archive rebuild and
regression analysis. Autopkgtests were triggered for python2.7 and
python-defaults with regressions already fixed in the individual
packages as appropriate.
The archive rebuilds done were cumulative with OpenJDK 11, OpenSSL 1.1.1 and python point releases as seen in:
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-bionic.html
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-test-bionic.html
And analyzed in
https://docs.google.com/spreadsheets/d/1tMIwlwoHH_1h5sbvUbNac6-HIPKi3e0Xr8ebchIOU1A/edit#gid=147857652
[ Test case libwww-perl (and deps) regression ]
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
1. apt install liblwp-protocol-https-perl
2. enable -proposed
3. apt install libio-socket-ssl-perl libnet-ssleay-perl
4. perl -MLWP::UserAgent -e 'LWP::UserAgent->new->post("https://facebook.com", { data => "foo" }) or die'
[Regression Potential]
* Connectivity interop is the biggest issue, which will be unavoidable with introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
- non-application data records. TLSv1.3 sends more of these, when compared with previous versions, and some applications may not handle this correctly, resulting in application data not being available when previously expected. Mitigations around these involve disabling/enabling SSL_MODE_AUTO_RETRY or setting max protocol version to TLSv1.2. For example see discussion identified in the perl stack https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
Similar hangs are possible with prior versions of TLS as well, it is however easier to trigger this with TLSv1.3.
* Deprecated npn extension does not exist in TLSv1.3 implementation.
* This update bundles python 3.6 and 3.7 point releases
* libnet-ssleay-perl introduces two API changes which carry some risk of regression to consuming applications. The risk is considered small.
- Servers implemented in perl may now raise SIGPIPE in the event of a premature client disconnection. This may be a behavior change in openssl itself but has only been noticed in the libnet-ssleay-perl tests. This may represent a DoS attack against any third-party TLS-using servers implemented in perl if they do not already handle SIGPIPE gracefully.
- The behavior of SSLeay::read() and SSLeay::write() has been changed to NOT retry on short reads/short writes, leading to the perl API more closely matching the C API. There are new ssl_read_all() / ssl_write_all() calls for applications which want the previous behavior.
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473
[Autopkgtest Regressions]
dovecot/armhf - flakey
libnet-ssleay-perl - awaiting sru accept into proposed of
libnet-ssleay-perl and libio-socket-ssl-perl due to fixes and
versioned breaks.
linux* - rebuild testcases pass (for some edge flavours the build
fails in non-ssl portions of the build), ubuntu-regression-suite
testcase fails for a few variants but should have been skipped (in
progress to be fixed in
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823056)
openvswitch/i386 - extremely flakey, errors out or fails mostly |
[Impact]
* OpenSSL 1.1.1 is an LTS release upstream, which will continue to receive security support for much longer than 1.1.0 series will.
* OpenSSL 1.1.1 comes with support for TLS v1.3 which is expected to be rapidly adopted due to increased set of supported hashes & algos, as well as improved handshake [re-]negotiation.
* OpenSSL 1.1.1 comes with improved hw-acceleration capabilities.
* OpenSSL 1.1.1 is ABI/API compatible with 1.1.0, however some software is sensitive to the negotiation handshake and may either need patches/improvements or clamp-down to maximum v1.2.
[Test Case]
* Rebuild all reverse dependencies
* Execute autopkg tests for all of them
* Clamp down to TLS v1.2 software that does not support TLS v1.3 (e.g. mongodb)
* Backport TLS v1.3 support patches, where applicable
[Test cases for the python updates]
python3.7 is a preview in bionic as a non-supported/non-default
version of python3. Passing its own autopkgtests is sufficient
validation for python3.7. It includes a point release update, with
OpenSSL 1.1.1 compat and features.
python3.6 not only has OpenSSL 1.1.1 compat and features patches, but
also includes a point release update to 3.6.8. It has been part of the
full-archive rebuild and regression analysis. Autopkgtests were
triggered for python3.6 and python3-defaults with regressions already
fixed in the individual packages as appropriate.
python2.7 has the update from .15~rc1 to .15 final, with OpenSSL 1.1.1
compat only. It has been part of the full-archive rebuild and
regression analysis. Autopkgtests were triggered for python2.7 and
python-defaults with regressions already fixed in the individual
packages as appropriate.
The archive rebuilds done were cumulative with OpenJDK 11, OpenSSL 1.1.1 and python point releases as seen in:
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-bionic.html
http://people.canonical.com/~doko/ftbfs-report/test-rebuild-20181222-test-bionic.html
And analyzed in
https://docs.google.com/spreadsheets/d/1tMIwlwoHH_1h5sbvUbNac6-HIPKi3e0Xr8ebchIOU1A/edit#gid=147857652
[ Test case libwww-perl (and deps) regression ]
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
1. apt install liblwp-protocol-https-perl
2. enable -proposed
3. apt install libio-socket-ssl-perl libnet-ssleay-perl
4. perl -MLWP::UserAgent -e 'LWP::UserAgent->new->post("https://facebook.com", { data => "foo" }) or die'
[Regression Potential]
* Connectivity interop is the biggest issue, which will be unavoidable with introducing TLS v1.3. However, tests on cosmic demonstrate that curl/nginx/google-chrome/mozilla-firefox connect and negotiate TLS v1.3 without issues.
* Mitigation of discovered connectivity issues will be possible by clamping down to TLS v1.2 in either server-side or client-side software or by backporting relevant support fixes
* Notable changes are listed here https://wiki.openssl.org/index.php/TLS1.3
* Most common connectivity issues so far:
- client verifies SNI in TLSv1.3 mode, yet client doesn't set hostname. Solution is client change to set hostname, or to clamp down the client to TLSv1.2.
- session negotiation is different in TLSv1.3, existing client code may fail to create/negotiate/resume session. Clients need to learn how to use session callback.
- non-application data records. TLSv1.3 sends more of these, when compared with previous versions, and some applications may not handle this correctly, resulting in application data not being available when previously expected. Mitigations around these involve disabling/enabling SSL_MODE_AUTO_RETRY or setting max protocol version to TLSv1.2. For example see discussion identified in the perl stack https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914034
Similar hangs are possible with prior versions of TLS as well, it is however easier to trigger this with TLSv1.3.
* Deprecated npn extension does not exist in TLSv1.3 implementation.
* This update bundles python 3.6 and 3.7 point releases
* libnet-ssleay-perl introduces two API changes which carry some risk of regression to consuming applications. The risk is considered small.
- Servers implemented in perl may now raise SIGPIPE in the event of a premature client disconnection. This may be a behavior change in openssl itself but has only been noticed in the libnet-ssleay-perl tests. This may represent a DoS attack against any third-party TLS-using servers implemented in perl if they do not already handle SIGPIPE gracefully.
- The behavior of SSLeay::read() and SSLeay::write() has been changed to NOT retry on short reads/short writes, leading to the perl API more closely matching the C API. There are new ssl_read_all() / ssl_write_all() calls for applications which want the previous behavior.
[Test case, python-tornado]
This is a test-only fix to fix build-time tests and autopkgtests that have regressed as a result of the openssl update. The test case is that the package builds and passes its autopkgtests again.
[Other Info]
* Previous FFe for OpenSSL in 18.10 is at
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1793092
* TLS v1.3 support in NSS is expected to make it to 18.04 via security updates
* TLS v1.3 support in GnuTLS is expected to be available in 19.04
* Test OpenSSL is being prepared in
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3473
[Autopkgtest Regressions]
dovecot/armhf - flakey
libnet-ssleay-perl - awaiting sru accept into proposed of
libnet-ssleay-perl and libio-socket-ssl-perl due to fixes and
versioned breaks.
linux* - rebuild testcases pass (for some edge flavours the build
fails in non-ssl portions of the build), ubuntu-regression-suite
testcase fails for a few variants but should have been skipped (in
progress to be fixed in
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823056)
openvswitch/i386 - extremely flakey, errors out or fails mostly |
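The two client-side mitigations the description above names for TLSv1.3 interop problems (always give the client a hostname for SNI and certificate verification, and, where an application cannot yet cope with TLSv1.3, clamp it to TLSv1.2) shown with the Python standard library's ssl module. This is an added illustration, not code from the bug report or from any of the packages it tracks; it assumes Python 3.7 or later (for ssl.TLSVersion), uses a constructed hostname that is never connected to, and does not cover the SSL_MODE_AUTO_RETRY point, which Python's ssl module does not expose directly.

```python
"""TLSv1.3 client compatibility checks: SNI hostname and TLSv1.2 clamp.

Added example; not code from the bug report or from any package it lists.
Only the standard library is used, and no network connection is made.
"""
import socket
import ssl

# Hostname used for SNI and certificate verification. Constructed sample
# value; nothing is ever connected to it.
SAMPLE_HOST = "example.invalid"


def make_client_context(clamp_to_tls12: bool = False) -> ssl.SSLContext:
    """Build a verifying client context.

    With clamp_to_tls12=True the context negotiates at most TLSv1.2, the
    fallback the bug description proposes for clients that cannot yet handle
    TLSv1.3 (hostname/SNI verification, changed session handling, extra
    non-application-data records).
    """
    ctx = ssl.create_default_context()  # verifies certs and hostnames
    if clamp_to_tls12:
        ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def max_version_name(ctx: ssl.SSLContext) -> str:
    """Name of the highest protocol version the context will negotiate."""
    return ctx.maximum_version.name


def wrap_without_sni_fails(ctx: ssl.SSLContext) -> bool:
    """Return True if wrapping a socket with no server_hostname is rejected.

    A verifying context needs the hostname both to check the certificate
    against and to send in the SNI extension; Python refuses to build such a
    socket at all, so the "client does not set hostname" class of bug is
    caught before any handshake. A socketpair keeps everything local.
    """
    a, b = socket.socketpair()
    try:
        try:
            ctx.wrap_socket(a, do_handshake_on_connect=False)
        except ValueError:  # "check_hostname requires server_hostname"
            return True
        return False
    finally:
        a.close()
        b.close()


def wrap_with_sni_ok(ctx: ssl.SSLContext) -> bool:
    """Return True when the same wrap succeeds once server_hostname is set.

    do_handshake_on_connect=False means the socket is only prepared, not
    handshaken, so the check works without a peer.
    """
    a, b = socket.socketpair()
    try:
        tls = ctx.wrap_socket(a, server_hostname=SAMPLE_HOST,
                              do_handshake_on_connect=False)
        tls.close()
        return True
    finally:
        a.close()  # harmless if the fd was already moved into tls
        b.close()


if __name__ == "__main__":
    strict = make_client_context()
    clamped = make_client_context(clamp_to_tls12=True)
    print("TLSv1.3 available in this build:", ssl.HAS_TLSv1_3)
    print("default max version:", max_version_name(strict))
    print("clamped max version:", max_version_name(clamped))
    print("wrap without SNI rejected:", wrap_without_sni_fails(strict))
    print("wrap with SNI accepted:", wrap_with_sni_ok(clamped))
```

The clamp is the blunt tool the description recommends only as a mitigation; the durable fix for the SNI case is the first one, making sure every client code path passes the hostname through, since the clamp also gives up the TLSv1.3 handshake improvements the SRU is meant to deliver.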
|
2019-06-10 18:29:37 |
Steve Langasek |
python-tornado (Ubuntu Bionic): status |
New |
Fix Committed |
|
2019-06-10 18:29:39 |
Steve Langasek |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2019-06-10 18:30:03 |
Steve Langasek |
tags |
bionic verification-done verification-done-bionic |
bionic verification-needed verification-needed-bionic |
|
2019-06-10 18:50:49 |
Steve Langasek |
bug task deleted |
python-tornado (Ubuntu) |
|
|
2019-06-10 21:18:19 |
Dimitri John Ledkov |
tags |
bionic verification-needed verification-needed-bionic |
bionic verification-done verification-done-bionic |
|
2019-06-12 22:56:30 |
Mathew Hodson |
removed subscriber Mathew Hodson |
|
|
|
2019-06-19 13:24:38 |
Sascha Silbe |
bug |
|
|
added subscriber Sascha Silbe |
2019-06-20 22:12:22 |
Launchpad Janitor |
python-tornado (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2019-06-21 05:19:31 |
rattenfanger |
removed subscriber rattenfanger |
|
|
|
2020-03-05 14:02:28 |
Robie Basak |
tags |
bionic verification-done verification-done-bionic |
bionic bionic-openssl-1.1 verification-done verification-done-bionic |
|