On 10/22/2014 12:15 AM, Kurt Roeckx wrote: > On Tue, Oct 21, 2014 at 06:33:50PM -0700, Nikolaus Rath wrote: >> Package: openssl >> Version: 1.0.1j-1 >> Severity: important >> >> After my last testing upgrade, openssl s_client has trouble accepting >> the -ssl3 and -ssl2 options. This prevents e.g. Gnus from using SSL >> to connect to mailservers. > > It shouldn't be using the -ssl3 option. The -ssl2 option has been > gone for a while. But SSL v3.0 is also insecure and you should > stop using it. > > I also think that it shouldn't be using s_client for anything. > s_client is a debug tool, and will not do what you expect.
I don't think if matters if -ssl3 (or -ssl2) is insecure or not. Either it should be removed completely (i.e., also from the --help output), or it should work. Having it listed in --help but then not working does not make sense, no matter how secure or insecure. Best, Nikolaus -- GPG encrypted emails preferred. Key id: 0xD113FCAC3C4E599F Fingerprint: ED31 791B 2C5C 1613 AF38 8B8A D113 FCAC 3C4E 599F »Time flies like an arrow, fruit flies like a Banana.« -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org