Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1686140 - Diffie-Hellman keysize < 2048 in logging-es
Summary: Diffie-Hellman keysize < 2048 in logging-es
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Logging
Version: 3.10.0
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
: 3.10.z
Assignee: Rich Megginson
QA Contact: Anping Li
URL:
Whiteboard:
Depends On: 1679841 1685655
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-03-06 19:52 UTC by Jeff Cantrill
Modified: 2019-04-09 23:40 UTC (History)
7 users (show)

Fixed In Version: openshift3/logging-elasticsearch:v3.10.125-1
Doc Type: Bug Fix
Doc Text:
Cause: The SSL/TLS service uses Diffie-Hellman groups with insufficient strength (key size < 2048) Consequence: The keys are more vulnerable Fix: Increase the key strength Result: The certificates are more secure
Clone Of: 1685655
Environment:
Last Closed: 2019-04-09 23:40:43 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Github openshift origin-aggregated-logging pull 1552 None None None 2019-03-11 15:44:39 UTC
Red Hat Product Errata RHBA-2019:0620 None None None 2019-04-09 23:40:52 UTC

Comment 4 Anping Li 2019-03-25 05:59:12 UTC
fix in openshift-ansible v3.10.127

Comment 6 errata-xmlrpc 2019-04-09 23:40:43 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:0620


Note You need to log in before you can comment on or make changes to this bug.