[TriLUG] TriLUG responds to POODLE
Aaron Schrab
aaron at schrab.com
Thu Oct 16 19:23:38 EDT 2014
At 10:14 -0400 16 Oct 2014, "Hrivnak, Michael" <mhrivnak at hrivnak.org> wrote:
>We've disabled SSLv3 for apache on pilot in response to the POODLE
>vulnerability [0]. The impact is that when you visit https://trilug.org,
>your browser (or other client) can no longer connect with SSLv3.
What about other services which use SSL, such as postfix and dovecot?
>From a cursory look at the config files those haven't been modified.
Linode has a page with info on making the same type of change for these
and many other services:
https://www.linode.com/docs/security/security-patches/disabling-sslv3-for-poodle
More information about the TriLUG
mailing list