Re: SSL V3 Vulnerability in HTTP Repository Access.

From: Mohsin <mohsinchandia_at_gmail.com>
Date: Sat, 25 Oct 2014 18:33:41 -0700 (PDT)

Thanks.

>If you use HTTP "http://" you are not using SSL/TLS. You are not
>affected by POODLE, but also not using encryption.

We are using HTTP so we are not affected by POODLE.

>If using SSH/TLS, the server does not use serf. Turn off SSL 3.0 in the
>Apache httpd configuration. No upgrade required, simple configuration
>change.

Can you tell when SSH/TLS is used ? In my case we are using HTTP protocol.
How can I disable SSL 3.0 in Apache conf ?

Regards
Mohsin

--
View this message in context: http://subversion.1072662.n5.nabble.com/SSL-V3-Vulnerability-in-HTTP-Repository-Access-tp190716p190719.html
Sent from the Subversion Users mailing list archive at Nabble.com.

Received on 2014-10-26 02:34:10 CEST

This message: [ Message body ]
Next message: Andreas Stieger: "Re: SSL V3 Vulnerability in HTTP Repository Access."
Previous message: Andreas Stieger: "Re: SSL V3 Vulnerability in HTTP Repository Access."
In reply to: Andreas Stieger: "Re: SSL V3 Vulnerability in HTTP Repository Access."
Next in thread: Andreas Stieger: "Re: SSL V3 Vulnerability in HTTP Repository Access."
Reply: Andreas Stieger: "Re: SSL V3 Vulnerability in HTTP Repository Access."
Reply: David Lowe: "Re: SSL V3 Vulnerability in HTTP Repository Access."

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]