https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6595
Bug #: 6595
Summary: "Disable SSLv2 support due to its removal from
OpenSSL" - Debian patch
Product: Spamassassin
Version: SVN Trunk (Latest Devel Version)
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: spamc/spamd
AssignedTo: [email protected]
ReportedBy: [email protected]
Classification: Unclassified
Created attachment 4898
--> https://issues.apache.org/SpamAssassin/attachment.cgi?id=4898
Disable SSLv2 support due to its removal from OpenSSL
Patch attached. I'm not sure what version it should be applied to. I think it
fixes a build breakage with the latest version of SSL. Description of change
from Debian:
>From debian/changelog:
spamassassin (3.3.1-2) unstable; urgency=low
* Disable SSLv2 support due to its removal from OpenSSL (Closes: 622053)
...
-- Noah Meyerhans <[email protected]> Sun, 10 Apr 2011 20:58:34 -0700
>From debian/NEWS:
spamassassin (3.3.1-2) unstable; urgency=low
This version of spamassassin introduces a change in behavior when
using SSL to encrypt communication between spamc and spamd. This
change only affects usage of spamc or spamd with the --ssl option.
Due to protocol insecurity, OpenSSL has removed support for SSL
version 2. Consequently, the "sslv2" and "sslv23" options have been
removed from spamc and spamd. The default option is sslv3.
This change should be transparent unless you are using spamc or spamd
with a peer that is explicitly configured to use only sslv2
-- Noah Meyerhans <[email protected]> Sun, 10 Apr 2011 18:27:36 -0700
--
Configure bugmail:
https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
