[CalendarServer-users] Protect against new SSL vuln
Pascal Dallaire
pascaldallaire at cre-gim.net
Thu Oct 16 17:41:03 PDT 2014
Hello there,
Thanks for answering so quickly! I’m trying to use the older variants method before I upgrade the Calendar server completely. But in this patch, isn’t the best method TLSv1? and not SSLv23?
Pascal
Le 2014-10-16 à 12:42, Cyrus Daboo <cdaboo at apple.com> a écrit :
> Hi Pascal,
>
> --On October 16, 2014 at 12:38:37 PM -0400 Pascal Dallaire <pascaldallaire at cre-gim.net> wrote:
>
>> What is the way to disable SSLv3 in CalendarServer to protect against
>> POODLE?
>
> Our trunk code has the fix. The svn diff for the change is here:
>
> <https://trac.calendarserver.org/changeset/14035>
>
> Depending on what version you are using, you should be able to apply that change relatively easily. Older variants might also need the following applied:
>
> <https://trac.calendarserver.org/changeset/14062>
>
> --
> Cyrus Daboo
More information about the calendarserver-users
mailing list