[Bug 1381537] Re: Dovecot version in precise too old to switch off SSLv3 protocol for "poodle" fix
Mike Threesi
mike366 at gmail.com
Sat Jul 11 21:51:32 UTC 2015
OK, I hate to be so stupid, but I need some help and can't seem to
locate anyone knowledgeable so far:
In 10-ssl.conf I added: ssl_protocols = !SSLv2 !SSLv3 (to no avail so i
think I am not patched)
Would appreciate some helpful comments / guidance please...
I did a fresh install of 12.04.5 on another machine, thinking that there
had been a patch for dovecot, but I am still getting this error, so I
assume it is not patched in 12.04.5 ? Or how do I get the patch
installed?
This accepts the login: `openssl s_client -connect localhost:993 -ssl3`
This gives an error: `openssl s_client -connect localhost:465 -ssl3`
"139852816377504:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl
handshake failure:s3_pkt.c:59"
This too gives an error: `openssl s_client -connect localhost:25 -ssl3`
"140205816501920:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong
version number:s3_pkt.c:339"
So if I go to a poodle website and check, they return OK for Poodle
EXCEPT for 993 port, do you know what I am doing wrong?
BTW, these are the exact results from my long running 12.04.4 ubuntu,
and we need to stay on 12.04 for now.
Throw me a bone, please - give me some detailed instructions of how I
can fix this, thank you. My goal is to have port 25, 587, 465, 993, etc
all !SSLv3 compliant.
Thank you
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to dovecot in Ubuntu.
https://bugs.launchpad.net/bugs/1381537
Title:
Dovecot version in precise too old to switch off SSLv3 protocol for
"poodle" fix
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dovecot/+bug/1381537/+subscriptions
More information about the Ubuntu-server-bugs
mailing list