[Secure-testing-team] Bug#769905: cyassl: please disable SSLv3
Thijs Kinkhorst
thijs at debian.org
Mon Nov 17 14:30:57 UTC 2014
Package: cyassl
Version: 2.9.4+dfsg-3
Severity: important
Tags: security
Hi,
Can SSLv3 be disabled in cyassl please?
As a reference, OpenSSL disabled this in jessie and sid:
https://packages.qa.debian.org/o/openssl/news/20141015T180434Z.html
It would be good for security and consistency if cyassl would also adopt this
approach and disable the legacy protocol in jessie and sid.
Cheers,
Thijs
More information about the Secure-testing-team
mailing list