carlvine500 commented on PR #9770: URL: https://github.com/apache/rocketmq/pull/9770#issuecomment-3430844322
> Do other clients also need to consider accessing the tls.ciphers and tls.protocols? 此次漏洞由<绿盟科技>提供, 我们是一家低代码厂商https://www.clickpaas.com 服务于几十家银行, 扫描后普遍存在此问题, 期望rocketmq官方能兼容这些参数设置 . 绿萌科技的相关漏洞报告截图如下: <img width="1183" height="518" alt="5721761013647_ pic" src="https://github.com/user-attachments/assets/f82a9692-9609-494c-9aca-dd1802c4ffe9"; /> <img width="1205" height="514" alt="5731761118213_ pic" src="https://github.com/user-attachments/assets/e4c17912-7b02-4a51-858a-22fe4b7f8c59"; /> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
