- Issued:
- 2018-11-05
- Updated:
- 2018-11-05
RHEA-2018:3492 - Product Enhancement Advisory
Synopsis
Enable setting SSL ciphers and SSL options
Type/Severity
Product Enhancement Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
The change adds two options to WebSockifyServer. The first is a list of SSL ciphers. The second is SSL options (intended use is to force a specific TLS version).
Description
The python-websockify package is a Python Web Server Gateway Interface based adapter for the Websockets protocol. It forwards traffic between the client and guest, and enables users to connect to virtual machines using SPICE-HTML5 and noVNC consoles.
All Red Hat Enterprise Virtualization users who wish to use a websocket proxy for web-based console client access are advised to install this new python-websockify package.
Default configuration allows old and potentially insecure ciphers to be used. Passing SSL options and SSL ciphers prevents using outdated TLS versions as well as allows limiting the list of ciphers.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Virtualization Manager 4 for RHEL 7 x86_64
- Red Hat Virtualization 4 for RHEL 7 x86_64
Fixes
- BZ - 1636924 - [downstream clone - 4.2.7] [RFE] Enable setting SSL ciphers and SSL options
CVEs
(none)
References
(none)
Red Hat Virtualization Manager 4 for RHEL 7
SRPM | |
---|---|
python-websockify-0.8.0-3.el7.src.rpm | SHA-256: 50436af6037713ed1e43089bd35d6285aa2c7c745eb0e73258b5622715a8a0c8 |
x86_64 | |
python-websockify-0.8.0-3.el7.noarch.rpm | SHA-256: 18a917c719a47e9734f58f072ad671acd24e56aedb58276f30cff29fd79cbb49 |
Red Hat Virtualization 4 for RHEL 7
SRPM | |
---|---|
python-websockify-0.8.0-3.el7.src.rpm | SHA-256: 50436af6037713ed1e43089bd35d6285aa2c7c745eb0e73258b5622715a8a0c8 |
x86_64 | |
python-websockify-0.8.0-3.el7.noarch.rpm | SHA-256: 18a917c719a47e9734f58f072ad671acd24e56aedb58276f30cff29fd79cbb49 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.