Discussion in #ubuntu-hardened with mdeslaur has made a point: We don't wish to disable SSLv3 in the stable versions currently in the packages.
There are upstream code reviews in progress for an option to disable SSL protocols in the configuration file, and that may be an acceptable alternative change. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1389264 Title: ZNC SSL listeners are vulnerable to POODLE. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/znc/+bug/1389264/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
