Project

General

Custom queries

Profile

Actions
Copy link

Bug #37306

closed

Puppet server ciphers updated in 2.0 but old ciphers can remain in answers

Added by Ewoud Kohl van Wijngaarden about 1 year ago. Updated 11 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Ewoud Kohl van Wijngaarden
Category:
foreman-installer script
Target version:
-
Difficulty:
Triaged:
Yes
Bugzilla link:
2270513
Pull request:
https://github.com/theforeman/foreman-installer/pull/928
Fixed in Releases:
Foreman - 3.11.0
Found in Releases:
Foreman - 2.0.0, Foreman - 3.10.0
Red Hat JIRA:
SAT-24073

Description

In foreman-installer 2.0 we updated the ciphers for puppetserver, but didn't introduce a migration to update existing installations. Users from very old installs will still use the insecure ciphers. This breaks on FIPS and leaves other users more vulnerable than they need to be.

The commit in question was: https://github.com/theforeman/puppet-puppet/commit/8cc4e3094d5bbd6d05d794e087816934e1697a87

#1

Updated by Ewoud Kohl van Wijngaarden about 1 year ago

  • Description updated (diff)
#2

Updated by The Foreman Bot about 1 year ago

  • Status changed from New to Ready For Testing
  • Assignee set to Ewoud Kohl van Wijngaarden
  • Pull request https://github.com/theforeman/foreman-installer/pull/928 added
#3

Updated by The Foreman Bot about 1 year ago

  • Fixed in Releases 3.11.0 added
#4

Updated by Ewoud Kohl van Wijngaarden about 1 year ago

  • Status changed from Ready For Testing to Closed
#5

Updated by Ewoud Kohl van Wijngaarden 11 months ago

  • Triaged changed from No to Yes
Actions
Copy link

Also available in: Atom PDF