[ https://issues.apache.org/jira/browse/TS-3135?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14171930#comment-14171930 ]
ASF subversion and git services commented on TS-3135: ----------------------------------------------------- Commit 3e64d405cc30d2400b682960ee52eeababdef17f in trafficserver's branch refs/heads/master from [~zwoop] [ https://git-wip-us.apache.org/repos/asf?p=trafficserver.git;h=3e64d40 ] TS-3135 Disable SSLv3 by default. > Disable SSLv3 by default > ------------------------ > > Key: TS-3135 > URL: https://issues.apache.org/jira/browse/TS-3135 > Project: Traffic Server > Issue Type: Improvement > Components: Security, SSL > Reporter: Leif Hedstrom > Assignee: Leif Hedstrom > Fix For: 5.2.0 > > > In response to > http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html > we should consider changing the default in RecordsConfig.cc: > {code} > gmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc > index 0146cf9..2f78e31 100644 > --- a/mgmt/RecordsConfig.cc > +++ b/mgmt/RecordsConfig.cc > @@ -1224,7 +1224,7 @@ RecordElement RecordsConfig[] = { > , > {RECT_CONFIG, "proxy.config.ssl.SSLv2", RECD_INT, "0", RECU_RESTART_TS, > RR_NULL, RECC_INT, "[0-1]", RECA_NULL} > , > - {RECT_CONFIG, "proxy.config.ssl.SSLv3", RECD_INT, "1", RECU_RESTART_TS, > RR_NULL, RECC_INT, "[0-1]", RECA_NULL} > + {RECT_CONFIG, "proxy.config.ssl.SSLv3", RECD_INT, "0", RECU_RESTART_TS, > RR_NULL, RECC_INT, "[0-1]", RECA_NULL} > , > {RECT_CONFIG, "proxy.config.ssl.TLSv1", RECD_INT, "1", RECU_RESTART_TS, > RR_NULL, RECC_INT, "[0-1]", RECA_NULL} > , > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)