It is not correct. Adding !SSLv3 to the cipher list removes the set of
*ciphers* specified in the SSLv3 cipher suite [1], which would also
disable ciphers listed in other suites. It has no effect on the
*protocols* used.
[1] http://www.openssl.org/docs/apps/ciphers.html
--
You received this bug
Here is the patch from the mailing list([3] in original post)
** Patch added: "disable SSLv3 in dovecot"
https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/1381537/+attachment/4237577/+files/dovecot-sslv3-disable.diff
** Tags added: precise
--
You received this bug notification because
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3566
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1381537
Title:
D
