Bug 429494 - https://bugs.eclipse.org/bugs/ is vulnerable to CVE-2009-3555
Summary: https://bugs.eclipse.org/bugs/ is vulnerable to CVE-2009-3555
Status: RESOLVED FIXED
Alias: None
Product: Community
Classification: Eclipse Foundation
Component: Bugzilla (show other bugs)
Version: unspecified   Edit
Hardware: All All
: P3 normal (vote)
Target Milestone: ---   Edit
Assignee: Eclipse Webmaster CLA
QA Contact:
URL:
Whiteboard:
Keywords: security
Depends on:
Blocks:
 
Reported: 2014-03-03 12:53 EST by Frédéric Buclin CLA
Modified: 2018-02-07 12:10 EST (History)
3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Frédéric Buclin CLA 2014-03-03 12:53:14 EST 
When you set the Firefox parameter "security.ssl.require_safe_negotiation" to "true", it refuses to load https://bugs.eclipse.org/bugs/ and throws the "ssl_error_unsafe_negotiation" error message. See https://bugzilla.mozilla.org/show_bug.cgi?id=555952 for details.
Comment 1 Denis Roy CLA 2014-03-10 13:17:22 EDT 
We need to bring our bugzilla VMs up-to-date.
Comment 2 Denis Roy CLA 2018-02-07 12:10:25 EST 
We've brought our bugzilla VMs up to date.