[Pkg-openssl-devel] broken backwards compatibility in Jessie: libssl1.0.0 (1.0.1k-3+deb8u1) doesn't allow SSLv3
Kurt Roeckx
kurt at roeckx.be
Mon Jul 6 16:09:09 UTC 2015
On Mon, Jul 06, 2015 at 10:04:03AM +0200, Vincent Bernat wrote:
> ? 6 juillet 2015 09:44 +0200, Andrey Arapov <andrey.arapov at nixaid.com> :
>
> > I came across the problem when SSLv3 simply does not work with the
> > current stable libssl1.0.0 (1.0.1k-3+deb8u1) in Debian Jessie (amd64).
>
> SSLv3 has been disabled completely to circumvent CVE-2014-3566. It is
> unlikely to be enabled again.
And wheezy will disable support for it soon too.
Kurt
More information about the Pkg-openssl-devel
mailing list