If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.
Hello, OpenSSL has implemented the reccomeded way to deal with the SSLv3 poodle vulnerability : not removing sslv3 support but preventing up to date browers from being able to downgrade to SSL3 when both them and the server accept more secure protocols.
We have disabled SSLv3 but some sites that enable SSL just for SEO prefer to remain compatible with IE6 and Firefox is rumoured to not use TLS on other ports than the default 443.
Google recommends not disabeling SSLv3 as it is still better than no SSL but making it so a brower that is TLS compatible can be tricked into using SSLv3 thus making this vulnerability useless with a modern browser.
Hello John,
Thank you for reaching out! There is no exact information yet, but if there is this update in CentOS 6 then it will also be in ClоudLinux. We will be following RHEL on that. Thanks.
When OpenSSL is configured with no-ssl3 as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them
> When OpenSSL is configured with no-ssl3 as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them.
Hello Stanko,
If you mean https://cve.mitre.org/cgi-bin/cvenam...=CVE-2014-3568 then СentOS 6 / CL 6 does not have this patch yet and on CentOS 7 / CL7 the version of OpenSSL that does not get into affected.
Thanks
To avoid this vulnerability, Red Hat recommends disabling SSL and using only TLSv1.1 or TLSv1.2. Backwards compatibility can be achieved using TLSv1.0. Many products Red Hat supports have the ability to use SSLv2 or SSLv3 protocols, or enable them by default. However use of SSLv2 or SSLv3 is now strongly recommended against. vidmate.appsaveinsta
We process personal data about users of our site, through the use of cookies and other technologies, to deliver our services, personalize advertising, and to analyze site activity. We may share certain information about our users with our advertising and analytics partners. For additional details, refer to our Privacy Policy.
By clicking "I AGREE" below, you agree to our Privacy Policy and our personal data processing and cookie practices as described therein. You also acknowledge that this forum may be hosted outside your country and you consent to the collection, storage, and processing of your data in the country where this forum is hosted.
Tweet
Comment