[QA][4.4]Action taken for the CVE-2004-2761

Solution Verified - Updated -

Issue

  • [QA][4.4]Action taken for the CVE-2004-2761
  • For openssl setting, should a user change the default setting of default_md to sha1 in /usr/share/ssl/openssl.cnf?

[ CA_default ]
<snip>
#default_md      = md5                   # which md to use.
default_md      = sha1         

  • For mod_ssl, does a user need to set some extra option to let it use sha1?
  • FJ requests those info to the kbase article which seems to be based on RHEL5:

     http://kbase.redhat.com/faq/docs/DOC-15379

Should I be concerned about the rogue CA certificate MD5 collision attack, CVE-2004-2761?

Environment

  • Red Hat Enteripse Linux 4 Update 4

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.