Control: tag -1 moreinfo On Thu, Oct 13, 2016 at 16:28:58 +0200, Didier 'OdyX' Raboud wrote:
> We've been made aware that CUPS' SSL as of Jessie (and Wheezy, but I'll see > this with the LTS team) is vulnerable to POODLE. > > Here come: > - patch; > str4476-disable-sslv3-and-rc4-by-default.patch > - git commit series; > 0001-Disable-SSLv3-and-RC4-by-default-to-address-POODLE-v.patch > 0002-Refresh-patches.patch > 0003-cups-1.7.5-11-deb8u2-Debian-release.patch > - and debdiff > cups_1.7.5-11+deb8u2.debdiff > The debdiff is the one we tend to look at, but it looks like it was not attached. Cheers, Julien
