Loading...

XML

Word

Printable

JSON

Type: Bug
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 5.1.0-rc0
Affects Version/s: None
Component/s: None
Labels:
None

Backwards Compatibility:
Fully Compatible
Operating System:
ALL
Sprint:
Security 2021-10-18, Security 2021-11-01
Linked BF Score:
144
Confidence Status:
None
Work Order:
3
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

In the "SetupOpenSSL" initializer, it is sometimes possible for the sslGlobalParams.sslFIPSMode variable to have a value of "false" even though the startup option net.tls.FIPSMode is"true" if the initializer happens to execute before the startup option's value has been parsed and stored in sslGlobalParams.sslFIPSMode. This causes the server to skip enabling FIPS mode, or to NOT crash if FIPS is not supported by the crypto library.

Assignee:: Erwin Pe
Reporter:: Erwin Pe
Participants:: Erwin Pe, Githook User
Votes:: 0 Vote for this issue
Watchers:: 4 Start watching this issue

Created:: Oct 12 2021 08:19:43 PM UTC
Updated:: Oct 29 2023 09:47:29 PM UTC
Resolved:: Oct 19 2021 05:32:33 PM UTC
Confidence Status Last Update:: 15/Oct/21 4:09 PM

Details

Description

Attachments

Forms

Activity

People

Dates