[Bug 1509586] Re: SSLv3 enabled in apache2 by default
Seth Arnold
1509586 at bugs.launchpad.net
Sat Oct 24 02:26:46 UTC 2015
I don't think we will want to push updates to disable ssl3 on existing
systems, and I'm not sure how feasible it would be to push an update
that only modifies the defaults for brand-new installs. I suspect the
only thing to be done for 14.04 LTS is to educate system administrators
about the risks of ssl3 and how to disable it.
We should certainly verify that ssl3 is disabled by default in xenial.
Thanks
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/1509586
Title:
SSLv3 enabled in apache2 by default
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1509586/+subscriptions
More information about the Ubuntu-server-bugs
mailing list