Package: arora Version: 0.11.0-1 Severity: important Tags: security Arora is using insecure SSL ciphers. Please consider disabling following:
TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_DHE_DSS_WITH_DES_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 TLS_RSA_EXPORT_WITH_RC4_40_MD5 Good checker: https://www.ssllabs.com/ssltest/viewMyClient.html -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.9-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages arora depends on: ii libc6 2.17-97 ii libgcc1 1:4.8.2-15 ii libqt4-network 4:4.8.5+git209-g718fae5+dfsg-1 ii libqt4-script 4:4.8.5+git209-g718fae5+dfsg-1 ii libqt4-sql 4:4.8.5+git209-g718fae5+dfsg-1 ii libqtcore4 4:4.8.5+git209-g718fae5+dfsg-1 ii libqtgui4 4:4.8.5+git209-g718fae5+dfsg-1 ii libqtwebkit4 2.2.1-7 ii libstdc++6 4.8.2-15 arora recommends no packages. arora suggests no packages. -- no debconf information
signature.asc
Description: Digital signature
