[QA][4.4]Action taken for the CVE-2004-2761

Solution Verified - Updated -

Issue

  • [QA][4.4]Action taken for the CVE-2004-2761
  • For openssl setting, should a user change the default setting of default_md to sha1 in /usr/share/ssl/openssl.cnf?

[ CA_default ]
<snip>
#default_md      = md5                   # which md to use.
default_md      = sha1         

  • For mod_ssl, does a user need to set some extra option to let it use sha1?
  • FJ requests those info to the kbase article which seems to be based on RHEL5:

     http://kbase.redhat.com/faq/docs/DOC-15379

Should I be concerned about the rogue CA certificate MD5 collision attack, CVE-2004-2761?

Environment

  • Red Hat Enteripse Linux 4 Update 4

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content