This item seems hard to be really actionable looking at how long nothing happened. So I was looking around to other examples.
It might be overly cautious as mentioned but also just a false positive like [1]. It is quite possible that this was the reason this showed up. [1]: https://github.com/drwetter/testssl.sh/issues/484 ** Bug watch added: github.com/drwetter/testssl.sh/issues #484 https://github.com/drwetter/testssl.sh/issues/484 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1591706 Title: postfix is vulnerable to "Secure Client-Initiated Renegotiation" DoS according to testssl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1591706/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
