Bug#611461: iceweasel still does insecure ssl renegotiation?!
Christoph Anton Mitterer
calestyo at scientia.net
Sat Jan 29 17:01:48 UTC 2011
Justification: user security hole
It seems that iceweasel still is vulnerable to the SSL renegotiation attack,
as simply is configured per default to allow the vulnerable renegotiation:
More information about the pkg-mozilla-maintainers