Package: openssl Version: 1.0.1j-1 Severity: wishlist
Hi. It seems that SSLv3 (and also v2) are disabled now, which is first of all of course great for security reasons. But AFAICS, it's completely gone, i.e. one cannot even intentionally enable it. I mainly have s_client in my mind in order to allow testing. Is it somehow possible to still compile it but just don't use it anywhere per default? Or even better disallow it's use anywhere but e.g. from s_client? Cheers, Chris. -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.16-3-amd64 (SMP w/8 CPU cores) Locale: LANG=en_DE.utf8, LC_CTYPE=en_DE.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages openssl depends on: ii libc6 2.19-11 ii libssl1.0.0 1.0.1j-1 openssl recommends no packages. Versions of packages openssl suggests: ii ca-certificates 20140927 -- no debconf information -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
