[openssl-dev] Openssl Poodle Vulnerability Clarification
Kurt Roeckx
kurt at roeckx.be
Sun Jul 5 10:22:14 UTC 2015
On Sat, Jul 04, 2015 at 07:02:50PM +0000, Kannan Narayanasamy -X (kannanar - HCL TECHNOLOGIES LIMITED at Cisco) wrote:
> Hi Joy,
>
> Thanks for the steps. I have tried with exclusion option(Command used: ./config no-idea no-ssl3 shared --prefix=/Openssl-1/) and getting the below error while executing the make test command.
I don't think the combination of having SSLv2 enabled and SSLv3
disabled is ever tested, it also doesn't make much sense. Please
use both no-ssl2 and no-ssl3. You might also want to consider
using no-ssl3-method to be really sure SSLv3 isn't supported
anymore.
Kurt
More information about the openssl-dev
mailing list