Re: [gentoo-user] SSLv2 is back today (gone tomorrow?)

2016-03-06 Thread Adam Carter
The relevant bug is here
>
> https://bugs.gentoo.org/show_bug.cgi?id=576128
>
> If you have sslv2 enabled, your choices are clear:
>
> 1. high likelihood of wholesale breakage, or
> 2. wait a little longer for a proper fix
>
> Obviously -r1 is ideal as it disables sslv2. If you have it and it
>

Re: [gentoo-user] SSLv2 is back today (gone tomorrow?)

2016-03-04 Thread Alan McKinnon
On 04/03/2016 15:57, walt wrote:
> I notice that openssl-1.0.2g-r2 restores SSLv2 as a temporary fix
> for the breakage caused by r1 yesterday.
>
> My machines are working just fine without SSLv2 so I'm going to skip
> the update to r2 and keep r1 while waiting for a permanent fix. I'm
> not a

[gentoo-user] SSLv2 is back today (gone tomorrow?)

2016-03-04 Thread walt
I notice that openssl-1.0.2g-r2 restores SSLv2 as a temporary fix for the breakage caused by r1 yesterday. My machines are working just fine without SSLv2 so I'm going to skip the update to r2 and keep r1 while waiting for a permanent fix. I'm not a security expert, so I'd like to hear opinions