[pkg-fetchmail-maint] Bug#622054: Bug#622054: PATCH: fix SSLv2_client_method-related FTBFS.
Nico Golde
nion at debian.org
Tue Apr 12 19:18:10 UTC 2011
Hi,
* Matthias Andree <matthias.andree at gmx.de> [2011-04-11 16:06]:
> commit c22a3afca46c83ee6d53a6ee58deb122f309c460
> Author: Matthias Andree <matthias.andree at gmx.de>
> Date: Mon Apr 11 14:08:32 2011 +0200
>
> Remove support for SSLv2 (fixes Debian Bug #622054).
>
> SSLv2 has been deprecated since 1996, and is insecure.
> Remove --sslproto SSL2 support.
> Set SSL_OP_NO_SSLvSSL_CTX 2 option so that the SSLv23 multi-version
> client no longer negotiates SSLv2.
>
> Note that some distributions (such as Debian) build OpenSSL 1.0.0
> without SSLv2 support, so on those, the build would fail.
>
> Fixes Debian Bug #622054
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622054
Thanks for the patch, will upload a new fetchmail package probably tomorrow.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-fetchmail-maint/attachments/20110412/c5cd0b8f/attachment.pgp>
More information about the pkg-fetchmail-maint
mailing list