[debian-mysql] Bug#788895: mysql-5.5: defaults to 512-bit FFDHE; should be at least 2048-bit FFDHE

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Jun 16 04:53:30 UTC 2015


Control: clone 788895 -1
Control: retitle -1 mariadb: defaults to 512-bit FFDHE; should be at least 2048-bit FFDHE
Control: reassign -1 mariadb-10.0
Control: found -1 10.0.16-1

On Mon 2015-06-15 18:22:01 -0400, Daniel Kahn Gillmor wrote:

> all existing versions of MySQL present a 512-bit modulus when
> negotiating a Finite-Field Diffie-Hellman Ephemeral (FFDHE) handshake
> in TLS.  This is grossly negligent (see https://weakdh.org)
>
> Upstream's bug fix (complete with novel Finite Field DHE group, whose
> structure i have not yet examined) is here:
>
> https://github.com/mysql/mysql-server/commit/866b988a76e8e7e217017a7883a52a12ec5024b9
>
> This (or something like it, using a well-analyzed group) should
> probably be applied to all supported versions of MySQL.

The same bug (#788895) is found in mariadb, so i'm cloning this bug to
apply it to that package.  The stable version (10.0.16-1) offers 512-bit
dhe.

as of 10.0.18, mariadb appears to have upgraded from 512-bit to 1024-bit
DHE [0], but this is still probably too weak for any sort of medium-term
confidentiality guarantees that we'd like to offer to users.

      --dkg

[0] as determined by:

   debcheckout mariadb-10.0
   cd mariadb-10.0
   git log -p vio/viosslfactories.c



More information about the pkg-mysql-maint mailing list