Re: Why no security update of apache2 concerning SSLv3?

To: debian-user@lists.debian.org
Subject: Re: Why no security update of apache2 concerning SSLv3?
From: Vincent Lefevre <vincent@vinc17.net>
Date: Wed, 18 Mar 2015 01:05:58 +0100
Message-id: <[🔎] 20150318000558.GB24744@xvii.vinc17.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20150312144559.GA27721@darac.org.uk>
References: <[🔎] 20150312120039.GE10276@ypig.lip.ens-lyon.fr> <[🔎] 1426164280.23019.30.camel@Antares.europecamions-interactive.com> <[🔎] 201503120907.12375.gheskett@wdtv.com> <[🔎] 20150312144559.GA27721@darac.org.uk>

On 2015-03-12 14:45:59 +0000, Darac Marjal wrote:
> Hang on. If you're aware of POODLE and you've not taken steps to
> mitigate it, aren't you the one at fault?

This is not the point of view of the admin who said that it's
Debian's job: if Debian doesn't issue a security update, then
this is not a big security problem.

-- 
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Reply to:

References:
- Why no security update of apache2 concerning SSLv3?
  - From: Vincent Lefevre <vincent@vinc17.net>
- Re: Why no security update of apache2 concerning SSLv3?
  - From: David Guyot <david.guyot@europecamions-interactive.com>
- Re: Why no security update of apache2 concerning SSLv3?
  - From: Gene Heskett <gheskett@wdtv.com>
- Re: Why no security update of apache2 concerning SSLv3?
  - From: Darac Marjal <mailinglist@darac.org.uk>

Prev by Date: Re: Why no security update of apache2 concerning SSLv3?
Next by Date: Re: Why no security update of apache2 concerning SSLv3?
Previous by thread: Re: Why no security update of apache2 concerning SSLv3?
Next by thread: Re: Why no security update of apache2 concerning SSLv3?
Index(es):
- Date
- Thread