Package: nginx Version: 1.6.2-2 Severity: important Hi,
Please disable the legacy SSLv3 protocol by default for installations of nginx. It doesn't need to be disabled completely per se, but should not be available on a default installation. This helps to defend against the recent "POODLE" attack (CVE-2014-3566). Thanks, Thijs -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
