tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Utkarsh Dave <utkarshkd...@gmail.com>
Subject Re: Unable to disable SSL in Tomcat 6 for poodle Vulnerability!
Date Wed, 12 Nov 2014 10:43:28 GMT
Ignoring the option to upgrade to Tomcat 7, i tried to configure server.xml
in several differrent ways, but yet SSL protocol was enable.
I see below update on Tomcat site (
http://ci.apache.org/projects/tomcat/tomcat6/docs/changelog.html ) about
poodle fixes.
Disable SSLv3 by default for the APR/native HTTPS connector.
Disable SSLv3 by default (along with SSLv2 which was already disabled by
default) in light of the recently announced POODLE vulnerability
Are these being worked upon. Can you please tell me

Changelog*Tomcat 6.0.43 (markt)*

*Catalina*

 [image: fix] Assert that mapping result object is empty before performing
mapping work in Mapper. (kkolinko)

*Coyote*

 [image: fix] 53952
<http://issues.apache.org/bugzilla/show_bug.cgi?id=53952>: Add support for
TLSv1.1 and TLSv1.2 for APR connector. Based upon a patch by Marcel Ĺ ebek.
(schultz/jfclere) [image: fix] 57102
<http://issues.apache.org/bugzilla/show_bug.cgi?id=57102>: Fix bug that
meant sslEnabledProtocols setting was not recognised for the HTTPS NIO
connector. (markt) [image: add] Disable SSLv3 by default for the APR/native
HTTPS connector. (markt/schultz) [image: fix] Do not increase remaining
counter at end of stream in IdentityInputFilter. (kkolinko) [image: fix]
Disable SSLv3 by default (along with SSLv2 which was already disabled by
default) in light of the recently announced POODLE vulnerability
(CVE-2014-3566). (markt)



On Sun, Nov 2, 2014 at 11:56 PM, Hassan Schroeder <
hassan.schroeder@gmail.com> wrote:

> On Sun, Nov 2, 2014 at 10:09 AM, Utkarsh Dave <utkarshkdave@gmail.com>
> wrote:
>
> > Is there any other way to disable SSL in Tomcat 6.
>
> How many ways do you need? The process described in this thread
> works as indicated with 6.0.37.
>
> --
> Hassan Schroeder ------------------------ hassan.schroeder@gmail.com
> http://about.me/hassanschroeder
> twitter: @hassan
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message