On 29/07/2012 12:27, Kurt Roeckx wrote: > On Sun, Jul 29, 2012 at 12:02:41PM +0200, Olivier Bonvalet wrote: >> Package: openssl >> Version: 1.0.1c-3 >> Severity: important >> >> --- Please enter the report below this line. --- >> >> I can't connect to hosts which allow only SSLv3 : >> >> $ openssl s_client -connect www.ovh.com:443 > This also works: > openssl s_client -no_tls1_1 -connect www.ovh.com:443 > [...] > Protocol : TLSv1 > >> Note that *gnutls* is also affected, but browsers like Lynx, Iceweasel, >> Chromium or Empathy doesn't have any trouble. > Yes, the site you're talking to is broken. Nothing we can do > about that other than disable TLS > 1.1, or retry with it > disabled. > > > Kurt > >
Thanks for the clarification Kurt. Just a question : why is it working from Debian Squeeze ? Is it because in Debian Squeeze TLS > 1.1 is not compatible ? Olivier -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
