#20626: SSL vulnerability / Weak implementation
-----------------------+----------------------------------
Reporter: rolf@… | Owner: developers
Type: defect | Status: reopened
Priority: highest | Milestone: Chaos Calmer (trunk)
Component: packages | Version: Trunk
Resolution: | Keywords:
-----------------------+----------------------------------
Comment (by jow):
A full solution requires
1) patches to ustream-ssl-polarssl, ustream-ssl-openssl and ustream-ssl-
cyassl
2) patches to px5g
3) patches to uhttpd
As a quick measure we can change the default cipher of px5g, but
supporting configurable cipherlists and the like is more effort. Another
interim solution would be using an ssl proxy in front of uhttpd or
accessing plain http via ssh tunneling.
--
Ticket URL: <https://dev.openwrt.org/ticket/20626#comment:5>
OpenWrt <http://openwrt.org>
Opensource Wireless Router Technology
_______________________________________________
openwrt-tickets mailing list
[email protected]
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-tickets
