[BlueOnyx:16245] Re: SSL v3 POODLE vulnerability
Michael Stauber
mstauber at blueonyx.it
Tue Oct 21 20:38:30 -05 2014
Hi Ken,
> I do see that with an update Dovecot 2.1 or later there is a fix that
> would allow the servers to pass a PCI scan:
> https://linode.com/docs/security/security-patches/disabling-sslv3-for-poodle
>
> That would be nice for those nervous customers.
Yeah, there are some really nice features in the new Dovecot and that
makes it really worthwhile to bite into the sour apple and no longer
depend on upstream to provide Dovecot for us.
Last week I tried to disable SSLv3 with the stock Dovecot on a 5207R and
it then simply wouldn't handle any encrypted connections anymore. Not
even TLSv1.0 and most definitely not TLSv1.2.
So I'll build an updated version once I'm back from my holiday and it'll
have SSLv3 disabled.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list