This was done in Ubuntu jammy/22.04. See release notes:
https://discourse.ubuntu.com/t/jammy-jellyfish-release-notes/24668
Security Level 2 is now enforced, see here for some more info:
https://www.openssl.org/docs/man3.0/man3/SSL_CTX_set_security_level.html
** Changed in: openssl (Ubuntu)
** Changed in: openssl (Ubuntu)
Status: New => Confirmed
** Changed in: openssl (Ubuntu)
Importance: Undecided => Wishlist
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
The above mentioned command shows that export grade ciphers are supported.
That doesn't mean they are considered during cipher negotiation or even
advertised by the client. But those ciphers are part of certain cipher
strings, like ALL, DES, SHA etc. A user/developer not explicitly diabbling
I wonder if this is good way to find the supported ciphers list?
sarnold@sec-trusty-amd64:~/qrt-test-imagemagick$ openssl ciphers -v EXP
EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512) Au=DSS Enc=DES(40) Mac=SHA1 export
4 matches
Mail list logo
