All, Red Hat released the source code for Firefox 38. We have (or willbe today) releasing this for CentOS-5, CentOS-6, and CentOS-7. It does not, by default, connect to https sites with TLS less than 1.2. This means it will not connect to sites on CentOS-5, for example .. there are many others. In any event, here is a wiki article that explains potential issues and workarounds: http://wiki.centos.org/TipsAndTricks/Firefox38onCentOS Thanks, Johnny Hughes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20150513/9e855047/attachment-0001.sig>
On 13/05/2015 11:12, Johnny Hughes wrote:> All, > > Red Hat released the source code for Firefox 38. We have (or willbe > today) releasing this for CentOS-5, CentOS-6, and CentOS-7. > > It does not, by default, connect to https sites with TLS less than 1.2. > This means it will not connect to sites on CentOS-5, for example .. > there are many others. > > In any event, here is a wiki article that explains potential issues and > workarounds: > > http://wiki.centos.org/TipsAndTricks/Firefox38onCentOS > > Thanks, > Johnny Hughes >Hi Johnny, My reading of https://access.redhat.com/node/1422403 is Firefox 38 will connect to sites using TLS 1.0 and 1.1. But ONLY if the server correctly negotiates the connection. This should only effect sites that close the initial connection due to not understanding TLS 1.2. A quick test connecting to a RHEL5 server over HTTPS with Firefox 38 shows it has established a TLS 1.0 connection so this should not really effect CentOS 5. Tris ************************************************************* This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify postmaster at bgfl.org The views expressed within this email are those of the individual, and not necessarily those of the organisation *************************************************************
Am 13.05.2015 um 13:57 schrieb Tris Hoar <trishoar at bgfl.org>:> On 13/05/2015 11:12, Johnny Hughes wrote: >> All, >> >> Red Hat released the source code for Firefox 38. We have (or willbe >> today) releasing this for CentOS-5, CentOS-6, and CentOS-7. >> >> It does not, by default, connect to https sites with TLS less than 1.2. >> This means it will not connect to sites on CentOS-5, for example .. >> there are many others. >> >> In any event, here is a wiki article that explains potential issues and >> workarounds: >> >> http://wiki.centos.org/TipsAndTricks/Firefox38onCentOS >> >> Thanks, >> Johnny Hughes >> > > Hi Johnny, > > My reading of https://access.redhat.com/node/1422403 is Firefox 38 will connect to sites using TLS 1.0 and 1.1. But ONLY if the server correctly negotiates the connection. This should only effect sites that close the initial connection due to not understanding TLS 1.2. > > A quick test connecting to a RHEL5 server over HTTPS with Firefox 38 shows it has established a TLS 1.0 connection so this should not really effect CentOS 5.I can establish a TLS1.0 connection between current EL6 with FF 38 and current EL5 with mod_ssl/httpd. -- LF
On 05/13/2015 06:57 AM, Tris Hoar wrote:> On 13/05/2015 11:12, Johnny Hughes wrote: >> All, >> >> Red Hat released the source code for Firefox 38. We have (or willbe >> today) releasing this for CentOS-5, CentOS-6, and CentOS-7. >> >> It does not, by default, connect to https sites with TLS less than 1.2. >> This means it will not connect to sites on CentOS-5, for example .. >> there are many others. >> >> In any event, here is a wiki article that explains potential issues and >> workarounds: >> >> http://wiki.centos.org/TipsAndTricks/Firefox38onCentOS >> > > Hi Johnny, > > My reading of https://access.redhat.com/node/1422403 is Firefox 38 will > connect to sites using TLS 1.0 and 1.1. But ONLY if the server correctly > negotiates the connection. This should only effect sites that close the > initial connection due to not understanding TLS 1.2. > > A quick test connecting to a RHEL5 server over HTTPS with Firefox 38 > shows it has established a TLS 1.0 connection so this should not really > effect CentOS 5. >You are correct, it will not automatically negotiate a downgrade only. Thank goodness. Still will impact a lot of sites, but not all non TLS 1.2. Thanks, Johnny Hughes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20150513/3308734f/attachment-0001.sig>
Hey Johnny, firefox seems not to have multilanguage support anymore. After the update my firefox turned from german to english. Regards Tim Am 13.05.2015 um 12:12 schrieb Johnny Hughes:> All, > > Red Hat released the source code for Firefox 38. We have (or willbe > today) releasing this for CentOS-5, CentOS-6, and CentOS-7. > > It does not, by default, connect to https sites with TLS less than 1.2. > This means it will not connect to sites on CentOS-5, for example .. > there are many others. > > In any event, here is a wiki article that explains potential issues and > workarounds: > > http://wiki.centos.org/TipsAndTricks/Firefox38onCentOS > > Thanks, > Johnny Hughes > > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >
On Wed, May 13, 2015 at 12:26 PM, Tim <lists at kiuni.de> wrote:> Hey Johnny, > > firefox seems not to have multilanguage support anymore. After the > update my firefox turned from german to english. > > Regards > TimYes, it's a known issue. Please follow the links in this post: http://lists.centos.org/pipermail/centos/2015-May/152273.html Akemi