On Fri, 2014-10-17 at 12:03 +0000, Torben Andresen wrote: > i think the most of you heard of the POODLE Attack. On many sites is > now the note that Mozilla and Google will disable SSL(v3) in the > near > future and there are tips how to disable this manually by now. Is > there any possibility to do this in Epihpany?
So after a bit more discussion with Dan Winship: Epiphany is indeed
vulnerable to POODLE [1]. The current plan is to disable SSLv3 in
WebKitGTK+, but this requires a software update. There is a workaround
[2] you can use to disable SSLv3 in the meantime, by starting Epiphany
from the command line like this:
G_TLS_GNUTLS_PRIORITY=${G_TLS_GNUTLS_PRIORITY:-NORMAL:%COMPAT:\!
VERS-SSL3.0} epiphany
[1] https://bugzilla.gnome.org/show_bug.cgi?id=738633#c15
[2] https://bugzilla.gnome.org/show_bug.cgi?id=738633#c4
signature.asc
Description: This is a digitally signed message part
_______________________________________________ epiphany-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/epiphany-list
