Closed Bug 666126 Opened 13 years ago Closed 13 years ago

air.mozilla.org does not support RFC 5746, potentially vulnerable to CVE-2009-3555

Tracking

(Not tracked)

Status:

RESOLVED DUPLICATE of bug 657920

People

(Reporter: dveditz, Unassigned)

References

(
URL
)

Details

Daniel Veditz [:dveditz]

Reporter

Description

•

13 years ago

https://air.mozilla.org/ gives warnings in the error console that it does not support RFC 5746 and is potentially vulnerable to CVE-2009-3555. It does not show the safe SSL indicators if the user has set security.ssl.treat_unsafe_renegotiation_as_broken to true

Corey Shields [:cshields]

Updated

•

13 years ago

Status: NEW → RESOLVED

Closed: 13 years ago

Resolution: --- → DUPLICATE

Nobody; OK to take it and work on it

Updated

•

9 years ago

Product: mozilla.org → mozilla.org Graveyard

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

air.mozilla.org does not support RFC 5746, potentially vulnerable to CVE-2009-3555

Categories

(mozilla.org Graveyard :: Server Operations, task)

Tracking

(Not tracked)

People

(Reporter: dveditz, Unassigned)

References

(
URL
)

Details

Crash Data

Security

(public)

User Story

Description

Updated

Updated