
Beta Branch nginx 1.15.4 openssl 1.1.1 renegotiation security bug fix

Discussion in 'Centmin Mod Github Commits' started by eva2000, Sep 27, 2018.

  1. eva2000

    eva2000 Administrator Staff Member

  2. eva2000

    eva2000 Administrator Staff Member

    testssl tests before fix versus after fix

    before
    Code (Text):
     Testing vulnerabilities
    
     Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension
     CCS (CVE-2014-0224)                       not vulnerable (OK)
     Ticketbleed (CVE-2016-9244), experiment.  not vulnerable (OK), no session tickets
     ROBOT                                     not vulnerable (OK)
     Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
     Secure Client-Initiated Renegotiation     VULNERABLE (NOT ok), DoS threat
     CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
    

    after
    Code (Text):
    Testing vulnerabilities
    
     Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension
     CCS (CVE-2014-0224)                       not vulnerable (OK)
     Ticketbleed (CVE-2016-9244), experiment.  not vulnerable (OK), no session tickets
     ROBOT                                     not vulnerable (OK)
     Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
     Secure Client-Initiated Renegotiation     not vulnerable (OK)
     CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
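
Added example, not part of the original post and not Centmin Mod or testssl code: a small Python check that compares two saved testssl "Testing vulnerabilities" sections and reports which checks were fixed, regressed, or are still failing after a rebuild. The function names and the two-or-more-spaces column rule are assumptions drawn from the output quoted above.

```python
import re

# Constructed input: three lines excerpted from each testssl block in the post.
BEFORE = """
 Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
 Secure Client-Initiated Renegotiation     VULNERABLE (NOT ok), DoS threat
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
"""
AFTER = """
 Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
 Secure Client-Initiated Renegotiation     not vulnerable (OK)
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
"""

# Assumption: check name and verdict are separated by two or more spaces.
ROW = re.compile(r"^\s*(?P<name>\S.*?)\s{2,}(?P<verdict>\S.*?)\s*$")


def parse_findings(text):
    """Map each check name to 'ok', 'vulnerable' or 'unknown'."""
    findings = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # blank lines and headings such as "Testing vulnerabilities"
        verdict = m.group("verdict").lower()
        if verdict.startswith("not vulnerable"):
            state = "ok"
        elif "vulnerable" in verdict:
            state = "vulnerable"
        else:
            state = "unknown"  # unrecognised wording is never counted as a pass
        findings[m.group("name")] = state
    return findings


def compare(before, after):
    """Classify checks as fixed, regressed, or still failing after a rebuild."""
    old, new = parse_findings(before), parse_findings(after)
    report = {"fixed": [], "regressed": [], "still_failing": []}
    for name, state in new.items():
        if state == "ok":
            if old.get(name, "ok") != "ok":
                report["fixed"].append(name)
        elif old.get(name) == "ok":
            report["regressed"].append(name)
        else:  # failing now and not known-good before (includes new checks)
            report["still_failing"].append(name)
    return report
```

A non-empty `regressed` or `still_failing` list is the condition to fail a post-build check on.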
    
     
  3. rdan

    rdan Well-Known Member

    While applying this patch and rebuilding Nginx again, I still encounter the same issue:
     
  4. eva2000

    eva2000 Administrator Staff Member
