[Pkg-haproxy-maintainers] Bug#822954: Bug#822954: haproxy-1.5.8 Disable SSLv3
bernat at debian.org
Fri Apr 29 12:54:56 UTC 2016
❦ 29 avril 2016 14:23 +0400, "Anoop Seburuth" <anoop at hackers.mu> :
> As Described the problem: https://www.rfc-editor.org/rfc/rfc7568.txt
> According to rfc7568, sslv3 is no longer considered secure. This patch
> disables sslv3 if the system's openssl is compiled without
> it. (Jessie)
This patch is applied in more recent versions of HAProxy. So, this fix
would be only for Jessie. I highly doubt that we could push such a patch
to a stable release. Isn't SSLv3 already not usable due to the fact it
is disabled in OpenSSL?
What I tell you three times is true.
-- Lewis Carroll
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 818 bytes
Desc: not available
More information about the Pkg-haproxy-maintainers