Disabling SSLv3 for 2.10.10?

Mark Doliner mark at kingant.net
Thu Oct 16 20:37:04 EDT 2014

I just tagged 2.10.10 and mailed out tar balls to packagers. Sorry, I
didn't have time to really look at this change today, and I'm going on
vacation for the weekend, so I was running out of time. Also I think
it's good to give information to packagers sooner rather than later.

Can I suggest committing this to the public release-2.x.y branch and
it'll go out the next time we do a release? And we could even do a
2.10.11 release if we think it's important.

More information about the security mailing list