[BlueOnyx:16243] Re: SSL v3 POODLE vulnerability
Ken Marcus
kenbxlist at precisionwebhosting.com
Tue Oct 21 16:38:18 -05 2014
On 10/17/2014 10:25 AM, Michael Stauber wrote:
> Hi Dan,
>
>> I still think we should disable SSL 3 but it does
>> help a lot.
> Yeah, it should be disabled. The tricky part is Dovecot. Need to build
> an all new version for that, so this will take time.
I do see that with an update Dovecot 2.1 or later there is a fix that
would allow the servers to pass a PCI scan:
https://linode.com/docs/security/security-patches/disabling-sslv3-for-poodle
That would be nice for those nervous customers.
Ken Marcus
More information about the Blueonyx
mailing list