Univention Bugzilla – Bug 36172
gnutls: SSL3 protocol attack (3.2)
Last modified: 2014-11-04 18:22:51 CET
+++ This bug was initially created as a clone of Bug #36171 +++
+++ This bug was initially created as a clone of Bug #36170 +++
This will requires fixes in openssl, gnutls and nss. Firefox also needs a fix since it uses a local nss copy. (There are additional Firefox issues, so I'll file a separate bug).
We don't need to update gnutls; disabling SSL3 is too intrusive for UCS 3.2 and all TLS/SSL clients (besides web browsers, which perform a special downgrade path) support TLS and will use that during the SSL/TLS handshake.