[MDEV-31369] Disable TLS v1.0 and 1.1 for MariaDB - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 10.4.32, 10.5.23, 10.6.16, 10.10.7, 10.11.6, 11.0.4, 11.1.3
Component/s: SSL
Labels:
- Papercut
- beginner-friendly

Description

The TLS versions 1.0 (defined in 1999) and 1.1 (defined in 2006) are insecure and nobody should be using them anymore.

Should MariaDB also start planning on deprecating and disabling these two protocols when connecting to server? Currently TLS1.0 and TLS1.1 are still allowed via server parameter https://mariadb.com/kb/en/ssltls-system-variables/#tls_version

Attachments

Activity

People

Assignee:: Daniel Black

Reporter:: Tingyao Nian

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 2023-05-30 16:58

Updated:: 2023-09-14 07:52

Resolved:: 2023-09-13 10:18

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.