[Pkg-haproxy-maintainers] Bug#822954: Bug#822954: haproxy-1.5.8 Disable SSLv3

Vincent Bernat bernat at debian.org
Fri Apr 29 12:54:56 UTC 2016


 ❦ 29 avril 2016 14:23 +0400, "Anoop Seburuth" <anoop at hackers.mu> :

> As Described the problem: https://www.rfc-editor.org/rfc/rfc7568.txt
> According to rfc7568, sslv3 is no longer considered secure. This patch
> disables sslv3 if the system's openssl is compiled without
> it. (Jessie)

This patch is applied in more recent versions of HAProxy. So, this fix
would be only for Jessie. I highly doubt that we could push such a patch
to a stable release. Isn't SSLv3 already not usable due to the fact it
is disabled in OpenSSL?
-- 
What I tell you three times is true.
		-- Lewis Carroll
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 818 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-haproxy-maintainers/attachments/20160429/5d2caaaf/attachment.sig>


More information about the Pkg-haproxy-maintainers mailing list