[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: SSL V3 Vulnerability in HTTP Repository Access.

From: Mohsin <mohsinchandia_at_gmail.com>
Date: Sat, 25 Oct 2014 18:33:41 -0700 (PDT)

Thanks.

>If you use HTTP "http://" you are not using SSL/TLS. You are not
>affected by POODLE, but also not using encryption.

We are using HTTP so we are not affected by POODLE.

>If using SSH/TLS, the server does not use serf. Turn off SSL 3.0 in the
>Apache httpd configuration. No upgrade required, simple configuration
>change.

Can you tell when SSH/TLS is used ? In my case we are using HTTP protocol.
How can I disable SSL 3.0 in Apache conf ?

Regards
Mohsin

--
View this message in context: http://subversion.1072662.n5.nabble.com/SSL-V3-Vulnerability-in-HTTP-Repository-Access-tp190716p190719.html
Sent from the Subversion Users mailing list archive at Nabble.com.
Received on 2014-10-26 02:34:10 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.