Disabling SSLv3 for 2.10.10?
Mark Doliner
mark at kingant.net
Thu Oct 16 20:37:04 EDT 2014
I just tagged 2.10.10 and mailed out tar balls to packagers. Sorry, I
didn't have time to really look at this change today, and I'm going on
vacation for the weekend, so I was running out of time. Also I think
it's good to give information to packagers sooner rather than later.
Can I suggest committing this to the public release-2.x.y branch and
it'll go out the next time we do a release? And we could even do a
2.10.11 release if we think it's important.
More information about the security
mailing list