Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-12193

Discontinue support of unsecure and unsupported OpenSSL versions (< 1.0.1)

    XMLWordPrintable

Details

    Description

      Currently MariaDB server supports OpenSSL versions 0.9, 1.0, 1.0.1, 1..0.2 (and 1.1 when MDEV-10332 is finished)

      • OpenSSL version 0.9.8 and 1.0 eoled in 2015
      • OpenSSL 1.0.1 eoled in 2016
      • Both versions will not get security updates/fixes anymore
      • All major distros which still support 0.9 or 1.0 didn't fix any CVE during the last 12 months
      • OpenSSL 0.9 doesn't support TLS 1.1 and TLS 1.2
      • mtr tests fail due to lack of ciphers
      • mtr tests fail if server and client don't use the same OpenSSL version (0.9 or 1.0)

      Suggestion:

      Stop cmake build if OpenSSL version number is < 1.0.1

      See also: MySQL Documentation - Building with secure connection support

      Attachments

        Issue Links

          Activity

            People

              serg Sergei Golubchik
              georg Georg Richter
              Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.