Red Hat Customer Portal - Access to 24x7 support and knowledge

I feel bad for creating a new discussion for this, however, I can't find a concrete answer to this. Where are the bugs reported for a SoftwareCollections package when installed from

rhel-server-rhscl-7-eus-rpms

? The website, softwarecollections.org, has no mention about this. It does mention copr, though, the packages are not hosted/listed there. Bugzilla has some bugs about packages that are not "official" Components, which I had assumed to mean that they don't belong there either.

That's the overall question. The specific question, and the reason why I started looking to begin with, was that the

httpd24-mod_ssl

package provides configuration files that allow SSLv3, making any system that installs that package vulnerable to POODLE by default.

# grep SSLProtocol /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf 
SSLProtocol all -SSLv2

Instead of

# grep SSLProtocol /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf 
SSLProtocol all -SSLv2 -SSLv3

or even something more refined like

# grep SSLProtocol /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf 
    SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

SoftwareCollections Bugs

Responses

Quick Links

Help

Site Info

Related Sites

Red Hat legal and privacy links

Red Hat legal and privacy links