wiki.mozilla.org server does not support RFC 5746, see CVE-2009-3555

RESOLVED DUPLICATE of bug 657920

Status

--
major
RESOLVED DUPLICATE of bug 657920
8 years ago
7 years ago

People

(Reporter: alex_mayorga, Unassigned)

Tracking

Details

(URL)

(Reporter)

Description

8 years ago
User-Agent:       Mozilla/5.0 (Windows; Windows NT 6.0; en-US; rv:2.0b2pre) Gecko/20100715 Minefield/4.0b2pre
Build Identifier: Mozilla/5.0 (Windows; Windows NT 6.0; en-US; rv:2.0b2pre) Gecko/20100715 Minefield/4.0b2pre ID:20100715040517

When visiting https://wiki.mozilla.org the following message appears in the Error Console:

"wiki.mozilla.org : server does not support RFC 5746, see CVE-2009-3555"

Reproducible: Always

Steps to Reproduce:
1. Go to https://wiki.mozilla.org
Actual Results:  
"wiki.mozilla.org : server does not support RFC 5746, see CVE-2009-3555" is written to the Error Console.

Expected Results:  
Nothing is written to the error console.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555

Updated

8 years ago
Blocks: 555952

Updated

8 years ago
Group: websites-security

Comment 1

8 years ago
IT bug filed to move wiki.mozilla.org behind the zeus
Depends on: 602112
(Reporter)

Comment 2

8 years ago
The problem I described on this bug is not reproducible anymore.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → FIXED
And now it's broken again, along with most of our sites.
Status: RESOLVED → REOPENED
Ever confirmed: true
Resolution: FIXED → ---
Fwiw,

https://www.ssllabs.com/ssldb/analyze.html?d=wiki.mozilla.org
reports
{
Session resumption  	Yes
Renegotiation 	Secure Renegotiation Supported
}

Yet, SeaMonkey 2.0.14 still reports
{
wiki.mozilla.org : server does not support RFC 5746, see CVE-2009-3555
}

(Confusing :-/)

Comment 5

7 years ago
(In reply to comment #4)
> 
> (Confusing :-/)

It's because the servers have erratic behaviour.
Sometimes they include, and sometimes they exclude the announcement for supporting the protocol.
Is this possibly a difference in IPv6/IPv4 configuration? There have been similar bugs recently.

Comment 7

7 years ago
I don't think this is a v6/v4 issue, as our SSL config is not different between them.

However, I can verify that Firefox (and apparently Seamonkey) report RFC 5746 as not being supported, whereas ssllabs.com says it is supported. Our load balancers are set up to support it, so that's 2-against-1, things that say it's supported and things that say it's not (ssllabs.com + LB vs Gecko).

I'm duping this to the main bug on that.
Status: REOPENED → RESOLVED
Last Resolved: 8 years ago7 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 657920
You need to log in before you can comment on or make changes to this bug.