[
https://issues.apache.org/jira/browse/QPID-6156?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14173906#comment-14173906
]
ASF subversion and git services commented on QPID-6156:
-------------------------------------------------------
Commit 1632376 from [~godfrer] in branch 'qpid/trunk'
[ https://svn.apache.org/r1632376 ]
QPID-6156 : tidy up and ensure that there is no chance of inadvertantly adding
an previously unenabled but supported protocol that is not SSLv3
> [Java Broker] [Java Client] Disable SSLv3 support
> -------------------------------------------------
>
> Key: QPID-6156
> URL: https://issues.apache.org/jira/browse/QPID-6156
> Project: Qpid
> Issue Type: Bug
> Components: Java Broker, Java Client
> Reporter: Rob Godfrey
> Assignee: Rob Godfrey
> Fix For: 0.31
>
>
> SSLv3 is vulnerable to CVE-2014-3566, and will not fixed.
> Wherever a seure connection is established we should ensure that SSLv3 is not
> in the supported protocols.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
