tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 51056] New: Disable / drop support for SSLv2
Date Wed, 13 Apr 2011 18:12:30 GMT

           Summary: Disable / drop support for SSLv2
           Product: Tomcat Native
           Version: 1.1.20
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Library


SSL 2.0 support got removed from many Debian GNU/Linux (and many others linux
distro) and SSL 2.0 is disabled by default in Internet Explorer 7, Mozilla
Firefox 3, Opera and Safari.

It's use has been deprecated, because of weaknesses in the security of the
protocol. For exemple,

I propose to simply drop any support for SSLv2 in Tomcat Native lib with the
attached patch.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message