directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRSERVER-2020) Poodle remediation for ApacheDS 2.X
Date Wed, 19 Nov 2014 15:17:40 GMT

    [ https://issues.apache.org/jira/browse/DIRSERVER-2020?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14218005#comment-14218005
] 

Emmanuel Lecharny commented on DIRSERVER-2020:
----------------------------------------------

Right.

And yes, you'll have to integrate a new version in your product.

Note that if your LDAP server is not visible from the internet (a very basic requirement for
a LDAP server), you should be more or less safe, even with the current version. 

> Poodle remediation for ApacheDS 2.X
> -----------------------------------
>
>                 Key: DIRSERVER-2020
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-2020
>             Project: Directory ApacheDS
>          Issue Type: Task
>          Components: ldap
>    Affects Versions: 2.0.0-M10
>         Environment: Production
>            Reporter: RakeshAcharya
>            Priority: Critical
>              Labels: patch
>
> How do we disable SSlv3 protocol for apache DS 2.X ?
> As part of poodle remediation we need to disable SSL v3 ASAP in production boxes as the
scan showed its vulnerable.
> I cant find any configuration pertaining to the same which I could change .



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message