https://bz.apache.org/bugzilla/show_bug.cgi?id=57120
Petr Sumbera <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #3 from Petr Sumbera <[email protected]> --- It would be probably better to disable SSLv3 in binary directly and not just in ssl config file. Note that Apache 2.4 doesn't have SSLProtocol diretive in sample ssl config file. I'm proposing to limit SSL_PROTOCOL_ALL macro just fro TLS protocols. This still allows to use SSLProtocol directive and add +SSLv3 if really needed. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
