Closed
Bug 1745065
Opened 3 years ago
Closed 3 years ago
Add additional ciphers to DisabledCiphers policy
Categories
(Firefox :: Enterprise Policies, enhancement, P3)
Firefox
Enterprise Policies
Tracking
()
RESOLVED
FIXED
97 Branch
People
(Reporter: mkaply, Assigned: mkaply)
References
Details
Attachments
(2 files)
|
48 bytes,
text/x-phabricator-request
|
Details | Review | |
|
11.73 KB,
patch
|
RyanVM
:
approval-mozilla-esr91+
|
Details | Diff | Splinter Review |
The list of cipher suites that can be blocked seems out-of-date. Specifically, it does not include the option to block these two weak ciphers that Firefox appears to still support.
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a) WEAK 256
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009) WEAK 128
Also, we should keep an eye on this for future releasees.
|
Assignee | |
Comment 1•3 years ago
|
||
|
||
Updated•3 years ago
|
Assignee: nobody → mozilla
Status: NEW → ASSIGNED
Pushed by mozilla@kaply.com:
https://hg.mozilla.org/integration/autoland/rev/37c16eb578cd
Add support for managing more ciphers in policy. r=keeler
|
||
Comment 3•3 years ago
|
||
| bugherder | ||
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
status-firefox97:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 97 Branch
|
|
Assignee | |
Comment 4•3 years ago
|
||
|
|
Assignee | |
Comment 5•3 years ago
|
||
Comment on attachment 9259948 [details] [diff] [review]
Patch for ESR
ESR Uplift Approval Request
- If this is not a sec:{high,crit} bug, please state case for ESR consideration: Policy only, match Firefox 96
- User impact if declined: Unable to disable certain siphers
- Fix Landed on Version: 97
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): Policy only
Attachment #9259948 -
Flags: approval-mozilla-esr91?
|
||
Comment 6•3 years ago
|
||
Comment on attachment 9259948 [details] [diff] [review]
Patch for ESR
Approved for 91.6esr.
Attachment #9259948 -
Flags: approval-mozilla-esr91? → approval-mozilla-esr91+
|
|
||
Comment 7•3 years ago
|
||
| bugherder uplift | ||
status-firefox-esr91:
--- → fixed
Flags: in-testsuite+
You need to log in
before you can comment on or make changes to this bug.
Description
•