directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emmanuel Lecharny (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRSERVER-2020) Poodle remediation for ApacheDS 2.X
Date Wed, 19 Nov 2014 15:27:33 GMT

    [ https://issues.apache.org/jira/browse/DIRSERVER-2020?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14218025#comment-14218025
] 

Emmanuel Lecharny commented on DIRSERVER-2020:
----------------------------------------------

Actually, I would suggest you use a version that will manage the pb though configuration.
The next version will mitigate the SSL issue with a (kind of) ugly patch, where we hard wired
the list of protocols we support (and it excludes SSLv3).

In the very next version, we will move this list in the configuration, so that if, say, TLS
v1.1 gets proven to be broken, then one can remove it from the list of protocols.

> Poodle remediation for ApacheDS 2.X
> -----------------------------------
>
>                 Key: DIRSERVER-2020
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-2020
>             Project: Directory ApacheDS
>          Issue Type: Task
>          Components: ldap
>    Affects Versions: 2.0.0-M10
>         Environment: Production
>            Reporter: RakeshAcharya
>            Priority: Critical
>              Labels: patch
>
> How do we disable SSlv3 protocol for apache DS 2.X ?
> As part of poodle remediation we need to disable SSL v3 ASAP in production boxes as the
scan showed its vulnerable.
> I cant find any configuration pertaining to the same which I could change .



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message