Date: Mon, 20 Oct 2014 17:26:55 +0000 From: bugzilla-noreply@freebsd.org To: ruby@FreeBSD.org Subject: maintainer-feedback requested: [Bug 194491] www/rubygem-httpclient: Bump to version 2.5.1 Message-ID: <bug-194491-21402-fhFc48LOdc@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-194491-21402@https.bugs.freebsd.org/bugzilla/> References: <bug-194491-21402@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
robmessick@gmail.com has asked ruby@FreeBSD.org for maintainer-feedback: Bug 194491: www/rubygem-httpclient: Bump to version 2.5.1 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194491 --- Description --- There are some changes to defaults in httpclient 2.5.0+ to mitigate susceptibility to some recent(ish) SSL atack vectors. See: https://github.com/nahi/httpclient/blob/master/CHANGELOG.md Relevant changes in 2.5.0: """ Disabled SSLv3 in favor of POODLE Attack prevention. Enabled 1/n-1 fragment in favor of BEAST Attack prevention. No TLS compression in favor of CRIME Attack prevention. """ --- Comment #1 from Bugzilla Automation <bugzilla@FreeBSD.org> --- Auto-assigned to maintainer ruby@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-194491-21402-fhFc48LOdc>