On Wed, Apr 25, 2012 at 02:02:12PM +0100, ael wrote: > > The problem is that openssl 1.0.0 turned on a non-existing > > option in SSL_OP_ALL, which the 1.0.1 version interpretes as > > disabling support for TLS 1.1. > > Is this to be fixed (upstream?) soon? Or is a debian patch needed? > It is worrying to have to use an old version when several security fixes > have been subsequently applied.
I've opened a bug report upstream about this: http://rt.openssl.org/Ticket/Display.html?id=2802&user=guest&pass=guest Kurt -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
