[TriLUG] TriLUG responds to POODLE
Hrivnak, Michael
mhrivnak at hrivnak.org
Thu Oct 16 10:14:25 EDT 2014
We've disabled SSLv3 for apache on pilot in response to the POODLE
vulnerability [0]. The impact is that when you visit https://trilug.org,
your browser (or other client) can no longer connect with SSLv3. I don't
expect this change to cause problems for anyone, but let us know if it does.
If you'd like to do the same on your apache deployments, our own Scott
Miller described how to do so in a blog post [1] over a year ago. Wise man!
Michael
[0]
https://securityblog.redhat.com/2014/10/15/poodle-a-ssl3-vulnerability-cve-2014-3566/
[1] https://scottlinux.com/2013/06/18/disable-sslv2-and-sslv3-in-apache/
More information about the TriLUG
mailing list