wok diff lighttpd-ssl/receipt @ rev 17237
postfix, apache lighttpd-ssl, nginx: CVE-2014-3566
| author | Pascal Bellard <pascal.bellard@slitaz.org> |
|---|---|
| date | Sat Oct 18 14:11:33 2014 +0200 (2014-10-18) |
| parents | e6759743694c |
| children | 4da6b4009226 |
line diff
1.1 --- a/lighttpd-ssl/receipt Sun Mar 02 19:09:41 2014 +0100 1.2 +++ b/lighttpd-ssl/receipt Sat Oct 18 14:11:33 2014 +0200 1.3 @@ -76,6 +76,9 @@ 1.4 \$SERVER["socket"] == ":443" { 1.5 protocol = "https://" 1.6 ssl.engine = "enable" 1.7 + # Unsafe, see CVE-2014-3566 POODLE 1.8 + ssl.use-sslv2 = "disable" 1.9 + ssl.use-sslv3 = "disable" 1.10 ssl.pemfile = "/etc/ssl/lighttpd/lighttpd.pem" 1.11 } 1.12 EOT