[openssl-users] [openssl-security] Openssl Vulnerability detected

[Viktor Dukhovni]

> On Dec 22, 2017, at 7:03 AM, Salz, Rich <rsalz at akamai.com> wrote:
> 
> Having said that, the answer is upgrade to a supported version, ideally 1.1.0

A better answer is typically to deploy the latest patched version from the
platform vendor.  And to not enable SSLv2 or SSLv3.  Most applications 
support configurable cipher strings.  If one wants to disable DES and 3DES
just set the cipherstring to:

	DEFAULT:!3DES:!LOW:!EXPORT

plus any other desired exclusions.

-- 
	Viktor.