** Description changed: [Impact] - TBD + + TLS enablement allows Memcached to both encrypt cached data on the wire + as well as to provide authentication of clients and servers according to + the specified TLS configuration. + + TLS is a feature enabled via configuration or command-line arguments, + therefore existing deployments of Memcached will not be affected and + will continue to work as expected. Such deployments would then have the + choice to opt-in TLS usage by providing the extra TLS configuration. + + TLS support is required to safely run Memcached on cloud environments + where the user does not have total control over the network. + + According to [1], support for TLS was added in version 1.5.13 while + Focal ships 1.5.22. The feature is just not enabled during compile time. [Test Case] - TBD + $ apt install memcached + $ memcached -Z -v + Error loading the certificate chain: (null) + + That is enough to check if TLS capabilities are enabled in Memcached. [Regression Potential] - TBD + + Enabling TLS as an SRU will introduce a new protocol in certain + environments. This may be problematic for a small number of users, but + the benefit of having TLS enabled greatly outweighs that. + + From an update point of view, this only enables the capability to run + Memcached with TLS, and as this is an opt-in feature, services that do + not choose to opt-in should stay the same. [Fix] This simply needs --enable-tls passed to the configure script to enable TLS. The change has been reviewed and accepted by Debian and sync'd to Ubuntu groovy. The upstream commit is https://github.com/docker-library/memcached/blob/4538128227a0e422e59df735d67b03ee23d39637/debian/Dockerfile#L56 [Discussion] [Original Report] At OpenStack we use ubuntu (currently 20.04) at our CI jobs. There is a current demand for TLS enablement in order to be able to cache sensitive information such as access tokens.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1887943 Title: [SRU] TLS is not enabled for memcached>=1.5.13 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/memcached/+bug/1887943/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
