[Pkg-openssl-devel] Bug#838928: Bug#838928: libssl1.0.0: Some E-mail clients stopped working with dropped connections with deb8u5. deb8u3 works ok.
Kurt Roeckx
kurt at roeckx.be
Mon Sep 26 16:35:25 UTC 2016
On Mon, Sep 26, 2016 at 04:38:13PM +0200, Hrvoje Dagelic wrote:
> Package: libssl1.0.0
> Version: 1.0.1t-1+deb8u5
> Severity: important
This is probably a result of moving 3DES from the HIGH level to
the MEDIUM level because of the sweet32 attack.
My guess is that those systems that have a problem are still
running windows XP.
I suggest you alter the settings of your server to allow the
MEDIUM ciphers.
Kurt
More information about the Pkg-openssl-devel
mailing list