Public bug reported: Ubuntu 18.04 With ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE Tests done using testssl.sh
Expected: TLS1.3 should only be enabled if the config says it should. 1.14.0-0ubuntu1.3 reports SSLv2 not offered (OK) SSLv3 not offered (OK) TLS 1 offered TLS 1.1 offered TLS 1.2 offered (OK) TLS 1.3 not offered NPN/SPDY http/1.1 (advertised) ALPN/HTTP2 http/1.1 (offered) 1.14.0-0ubuntu1.4 reports SSLv2 not offered (OK) SSLv3 not offered (OK) TLS 1 offered TLS 1.1 offered TLS 1.2 offered (OK) TLS 1.3 offered (OK): final NPN/SPDY http/1.1 (advertised) ALPN/HTTP2 http/1.1 (offered) How to revert, manually install: wget http://us.archive.ubuntu.com/ubuntu/pool/main/n/nginx/libnginx-mod-http-geoip_1.14.0-0ubuntu1.3_amd64.deb http://us.archive.ubuntu.com/ubuntu/pool/main/n/nginx/libnginx-mod-http-image-filter_1.14.0-0ubuntu1.3_amd64.deb http://us.archive.ubuntu.com/ubuntu/pool/main/n/nginx/libnginx-mod-http-xslt-filter_1.14.0-0ubuntu1.3_amd64.deb http://us.archive.ubuntu.com/ubuntu/pool/main/n/nginx/libnginx-mod-mail_1.14.0-0ubuntu1.3_amd64.deb http://us.archive.ubuntu.com/ubuntu/pool/main/n/nginx/libnginx-mod-stream_1.14.0-0ubuntu1.3_amd64.deb http://us.archive.ubuntu.com/ubuntu/pool/main/n/nginx/nginx-common_1.14.0-0ubuntu1.3_all.deb http://us.archive.ubuntu.com/ubuntu/pool/main/n/nginx/nginx-core_1.14.0-0ubuntu1.3_amd64.deb http://us.archive.ubuntu.com/ubuntu/pool/main/n/nginx/nginx_1.14.0-0ubuntu1.3_all.deb ** Affects: nginx (Ubuntu) Importance: Undecided Status: New ** Tags: regression-update ** Tags added: regression-update -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1840404 Title: [regression] 1.14.0-0ubuntu1.4 security update enables TLS1.3 without a choice To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1840404/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
