[Pkg-openssl-devel] Bug#338006: Workaround
Jim Paris
jim at jtan.com
Sat Jan 7 02:17:14 UTC 2006
This bug also breaks subversion (see #336373; the bug was closed but
it's still broken).
For subversion, which goes through apache, I found that a workaround
is to limit the ciphers on the Apache end. Removing all SSLv3 ciphers
except RC4 seems to do the trick. For example, my apache2
configuration now has:
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
Perhaps a similar workaround can help Nessus et al. until this bug
finally gets fixed.
-jim
More information about the Pkg-openssl-devel
mailing list