[Secure-testing-team] Bug#801178: Doc recommends use of ssl3
Erwan David
erwan at rail.eu.org
Wed Oct 7 08:33:41 UTC 2015
Package: fetchmail
Version: 6.3.26-1+b1
Severity: important
Tags: security upstream
Doc recommends using sslproto ssl3 (in the man page or in the
README.SSL file). SSLv3 is broken and must be avoided.
-- System Information:
Debian Release: 8.2
APT prefers proposed-updates
APT policy: (700, 'proposed-updates'), (600, 'stable'), (500, 'stable-updates'), (400, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.1.0-0.bpo.2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages fetchmail depends on:
ii adduser 3.113+nmu3
ii debianutils 4.4+b1
ii libc6 2.19-18+deb8u1
ii libcomerr2 1.42.12-1.1
ii libgssapi-krb5-2 1.12.1+dfsg-19
ii libkrb5-3 1.12.1+dfsg-19
ii libssl1.0.0 1.0.1k-3+deb8u1
ii lsb-base 4.1+Debian13+nmu1
Versions of packages fetchmail recommends:
ii ca-certificates 20141019
Versions of packages fetchmail suggests:
pn fetchmailconf <none>
ii postfix [mail-transport-agent] 2.11.3-1
pn resolvconf <none>
-- no debconf information
More information about the Secure-testing-team
mailing list