Hi,
On Fri, 17 Oct 2014 14:39:52 +0200
Christian Tacke <christian.tacke+debian....@cosmokey.com> wrote:
> Hi,
>
> looking at CVE-2014-3566 ("POODLE") it seems a very good
> idea to finally disable SSL 3.0 by default ("secure by
> default"). Please test attached patch.
I'd say go with this instead:
http://git.lighttpd.net/lighttpd/lighttpd-1.x.git/commit/?id=084df7e99a8738be79f83e330415a8963280dc4a
You can still add the option in the config example of course, or just
mention its existance there.
regards,
Stefan
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
