[MDEV-8352] Increase Diffie-Helman modulus to 2048-bits - JIRA

Details

Type: Task
Status: Closed
Priority: Critical
Resolution: Fixed
Fix Version/s: 10.0.21, 5.5.45
Component/s: SSL
Labels:
None

Sprint:
5.5.45

Description

Debian reported a bug in an older version of MariaDB relating to using a 512-bit modulus when
negotiating a Finite-Field Diffie-Hellman Ephemeral (FFDHE) handshake in TLS.

This was increased to 1024 in 10.0.18, but MySQL increased this to 2048 in their 5.7.7 release in Oct 2014, and the current consensus is that, while 1024 is currently sufficient, it's unlikely to be in the near to medium future.

Debian bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788905

Gliffy Diagrams

Attachments

Issue Links

links to

Debian bug report

Activity

There are no comments yet on this issue.

People

Assignee:

Sergei Golubchik

Reporter:

Ian Gilfillan

Votes:

0 Vote for this issue

Watchers:

3 Start watching this issue

Dates

Created:

2015-06-22 15:17

Updated:

2015-07-28 20:15

Resolved:

2015-07-28 20:15

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

Agile

Completed Sprint:

5.5.45 ended 2015-08-05
View on Board