Mailinglist Archive: opensuse-buildservice (327 mails)

< Previous Next >
Re: [opensuse-buildservice] OBS is using new login auth proxy
Jan-Simon Möller wrote:
Am Dienstag, 19. April 2011, 15:59:08 schrieb Cristian Rodríguez:

Yes, it is unstable atm, also, it allows SSLv2 ! looks like someone
forgot to disable it in the vhost configuration...

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:
+eNULL

Something like this should work:
https://build.opensuse.org/package/view_file?file=apache2-vhost-ssl.template&package=apache2&project=Apache

That's more or less cosmetic though. More important (and usually
even more broken) are the clients. Clients need to avoid offering
weak methods and ciphers to avoid MITM.

cu
Ludwig

--
(o_ Ludwig Nussel
//\
V_/_ http://www.suse.de/
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx

< Previous Next >