[Pkg-haskell-maintainers] Bug#768164: Bug#768164: haskell-tls: SSLv3 support
Thijs Kinkhorst
thijs at debian.org
Sun Nov 16 11:48:05 UTC 2014
Hi Joachim,
> > openssl disabled it entirely; it features a dedicated build flag for it
> > (no-ssl3).
>
> Ok, I think we can easily follow suit here. Removing code is always
> simple :-)
>
> > Could you approach haskell-tls upstream for their recommendation to
> > disable it?
>
> Vincent, did you consider this issue already?
Upstream has removed SSLv3 from the default cipher list:
https://github.com/vincenthz/hs-tls/commit/5353bd2f717a31fd63c2a5d67112d8d8279bd1e6
Can you at least make an upload to sid that incorporates this patch so we
can get it into jessie?
Disabling it entirely is then of course still an option but removing it
from the defaults list is already a big win.
Cheers,
Thijs
More information about the Pkg-haskell-maintainers
mailing list