[Pkg-openssl-devel] Bug#766297: Bug#766297: openssl s_client no longer recognizes -ssl3 option
Nikolaus Rath
Nikolaus at rath.org
Wed Oct 22 23:00:52 UTC 2014
On 10/22/2014 12:15 AM, Kurt Roeckx wrote:
> On Tue, Oct 21, 2014 at 06:33:50PM -0700, Nikolaus Rath wrote:
>> Package: openssl
>> Version: 1.0.1j-1
>> Severity: important
>>
>> After my last testing upgrade, openssl s_client has trouble accepting
>> the -ssl3 and -ssl2 options. This prevents e.g. Gnus from using SSL
>> to connect to mailservers.
>
> It shouldn't be using the -ssl3 option. The -ssl2 option has been
> gone for a while. But SSL v3.0 is also insecure and you should
> stop using it.
>
> I also think that it shouldn't be using s_client for anything.
> s_client is a debug tool, and will not do what you expect.
I don't think if matters if -ssl3 (or -ssl2) is insecure or not.
Either it should be removed completely (i.e., also from the --help
output), or it should work. Having it listed in --help but then not
working does not make sense, no matter how secure or insecure.
Best,
Nikolaus
--
GPG encrypted emails preferred. Key id: 0xD113FCAC3C4E599F
Fingerprint: ED31 791B 2C5C 1613 AF38 8B8A D113 FCAC 3C4E 599F
»Time flies like an arrow, fruit flies like a Banana.«
More information about the Pkg-openssl-devel
mailing list