Date: Mon, 23 Mar 2015 14:09:16 -0400 From: Jung-uk Kim <jkim@FreeBSD.org> To: "Philip M. Gollucci" <pgollucci@p6m7g8.com> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r280306 - in head: secure/lib/libcrypto secure/lib/libssl sys/sys Message-ID: <551056CC.10903@FreeBSD.org> In-Reply-To: <CACM2dAaREzFt1LfF9YRYsO7nJ0Uv7Bckt_Epgb=Vj9R0VfZikQ@mail.gmail.com> References: <201503202348.t2KNmCM0033402@svn.freebsd.org> <CACM2dAaREzFt1LfF9YRYsO7nJ0Uv7Bckt_Epgb=Vj9R0VfZikQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 03/23/2015 11:35, Philip M. Gollucci wrote: > What about SSLv3 due to POODLE ? IMHO, it is too early to remove SSLv3 support because it is still widely used although there are known vulnerabilities. Please use OpenSSL from ports, i.e., security/openssl, i.e., turn off both SSL2 and SSL3 options and compile all ports with it. Jung-uk Kim -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJVEFbGAAoJEHyflib82/FGtH0H/jEr8VI2EIh4T0qmOyaXbwEg Aqz6sIO1AJe/PultpqEMSUWPKofHNH4YstOcaHQ421g22tcGjK3VgwhzSG97IPjH vlSY3451DDw0FzQVD20N3c8B0tjnrM2QD9K+wULvE74W9Yu6woSgQN/kLqhGnuss qPM3MemKNYq5euGnWVzXaY+IuDHFf8CFKanpymVFc378rV/M4tgXJbesNOX9Koiv VC7tvfn7slsr/bHSqC6zdDNk5BkL3iaNGceHweMeIQ8HeTtglESVjjOnBMayxsYS YKapEONNnhVh+Waq2jH0JylDIfotWMylvxFRLlW99oSPnvVHOMhsr+gEh6LxZGQ= =a8q9 -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?551056CC.10903>