[openssl-dev] Disabling SSLv3 in OpenSSL 0.9.8a

Salz, Rich rsalz at akamai.com
Fri Jan 23 16:44:09 UTC 2015

Previous message: [openssl-dev] Disabling SSLv3 in OpenSSL 0.9.8a
Next message: [openssl-dev] Disabling SSLv3 in OpenSSL 0.9.8a
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> In order to fix the Poodle vulnerability on SSLv3, I tried to disable my SSLv3 cipher using the below cipher set, but did not even initiate SSL in 0.9.8a.

If you are running 0.9.8a Poodle is probably the least of your worries.

Looking at https://www.openssl.org/news/openssl-0.9.8-notes.html it appears there are around 50 CVE fixes you are missing.

Previous message: [openssl-dev] Disabling SSLv3 in OpenSSL 0.9.8a
Next message: [openssl-dev] Disabling SSLv3 in OpenSSL 0.9.8a
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the openssl-dev mailing list