diff options
author | Yang Tse <yangsita@gmail.com> | 2012-01-18 04:33:49 +0100 |
---|---|---|
committer | Yang Tse <yangsita@gmail.com> | 2012-01-18 11:59:20 +0100 |
commit | a20daf90e358c1476a325ea665d533f7a27e3364 (patch) | |
tree | d78d7d5e27923961a01d0f2dbd3b63aa279258e6 /tests/secureserver.pl | |
parent | 24526d0c0f4209eb77c807afdb15da301c7d021b (diff) |
OpenSSL: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option is no longer enabled
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option enabling allowed successfull
interoperability with web server Netscape Enterprise Server 2.0.1 released
back in 1996 more than 15 years ago.
Due to CVE-2010-4180, option SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG has
become ineffective as of OpenSSL 0.9.8q and 1.0.0c. In order to mitigate
CVE-2010-4180 when using previous OpenSSL versions we no longer enable
this option regardless of OpenSSL version and SSL_OP_ALL definition.
Diffstat (limited to 'tests/secureserver.pl')
0 files changed, 0 insertions, 0 deletions