POODLE SSLv3 vulnerability
Eygene Ryabinkin
rea at freebsd.org
Wed Oct 15 06:29:42 UTC 2014
Wed, Oct 15, 2014 at 10:02:17AM +0400, Eygene Ryabinkin wrote:
> I'd also introduce an OPTION for Apache, Nginx and other Web servers
> we ship in the ports collection that won't allow to use SSLv3 and turn
> it on by-default. This will break some legacy clients, so it should
> be an OPTION. stunnel, all Web servers for Ruby and other servers
> that do SSL should also be modified to include such modification.
net/haproxy is another port that terminates SSL.
--
Eygene Ryabinkin ,,,^..^,,,
[ Life's unfair - but root password helps! | codelabs.ru ]
[ 82FE 06BC D497 C0DE 49EC 4FF0 16AF 9EAE 8152 ECFB | freebsd.org ]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 343 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-gecko/attachments/20141015/d07ebe4e/attachment.sig>
More information about the freebsd-gecko
mailing list