Hello All!

I've removed SSLv3 from the list of supported crypto protocols in
Erlang. This should apply only for cases where application doesn't
define explicitly a list of supported protocols. E.g. if your package
explicitly enables SSLv3 then it will be available, otherwise - won't
be. The packages are available in testing repositories:

- erlang-17.3.4-3.fc21
- erlang-R16B-03.10.fc20
- erlang-R16B-03.10.el7

I'm pretty sure this won't break things which weren't broken already.
However I've heard a bizarre report about RabbitMQ failure when using
Erlang with SSlv3 disabled against some 3rd party crypto tool:

* https://groups.google.com/forum/#!topic/rabbitmq-users/Hs5J9UauJz8

I would be thankful for the testing of RabitMQ against these new Erlang builds.

My next goal is to audit CouchDB, Ejabberd, RabbitMQ packages and
remove any SSLv3 traces from them (or even disable explicitly if
possible/necessary). Just fyi.
-- 
With best regards, Peter Lemenkov.
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Reply via email to