Bug#803974: libnet-tclink-perl: FTBFS: Uses SSLv3_client_method
Kurt Roeckx
kurt at roeckx.be
Tue Nov 3 19:39:56 UTC 2015
Source: libnet-tclink-perl
Version: 3.4.0-7
Severity: serious
Hi,
Your package does this in tclink.c:
c->meth = SSLv3_client_method();
Please call SSLv23_client_method() instead. The SSLv3_* methods
only supports SSLv3 while the SSLv23_* is the only that supports
multiple versions.
The SSLv3_* methods have now been removed in unstable.
SSLv3 is no longer considered secure and you should stop using it.
SSLv3 support has been disabled in jessie when using the SSLv23_*
methods but you could still use it using the SSLv3_* methods.
I suggest you fix this in all releaes.
Kurt
More information about the pkg-perl-maintainers
mailing list