[Bug 194491] New: www/rubygem-httpclient: Bump to version 2.5.1

bugzilla-noreply Mon, 20 Oct 2014 10:27:19 -0700

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194491


            Bug ID: 194491
           Summary: www/rubygem-httpclient: Bump to version 2.5.1
           Product: Ports Tree
           Version: Latest
          Hardware: Any
                OS: Any
            Status: Needs Triage
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: r...@freebsd.org
          Reporter: robmess...@gmail.com
          Assignee: r...@freebsd.org
             Flags: maintainer-feedback?(r...@freebsd.org)

There are some changes to defaults in httpclient 2.5.0+ to mitigate
susceptibility to some recent(ish) SSL atack vectors.

See: https://github.com/nahi/httpclient/blob/master/CHANGELOG.md

Relevant changes in 2.5.0:
"""
    Disabled SSLv3 in favor of POODLE Attack prevention.
    Enabled 1/n-1 fragment in favor of BEAST Attack prevention.
    No TLS compression in favor of CRIME Attack prevention.
"""

--- Comment #1 from Bugzilla Automation <bugzi...@freebsd.org> ---
Auto-assigned to maintainer r...@freebsd.org

-- 
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-ruby@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ruby
To unsubscribe, send any mail to "freebsd-ruby-unsubscr...@freebsd.org"

[Bug 194491] New: www/rubygem-httpclient: Bump to version 2.5.1

Reply via email to