On Thu 12 Mar 2015 at 11:01:00 -0400, Gene Heskett wrote: > On Thursday 12 March 2015 10:45:59 Darac Marjal wrote: > > On Thu, Mar 12, 2015 at 09:07:12AM -0400, Gene Heskett wrote: > [...] > > > > > > Considering that I _am_ running an apache server here, AND it faces > > > the world, this lack of a fix for POODLE, seems to be a serious lack > > > on the part of the apache people for not pushing a fix, with lots of > > > noise, or if its available, a fairly serious screw you attitude on > > > the part of the debian folks in control of that. Strong language > > > maybe, but it needs to be said. > > > > Hang on. If you're aware of POODLE and you've not taken steps to > > mitigate it, aren't you the one at fault? I mean, yes, debian could > > put out a patch which changes the default settings but this probably > > won't affect vservers, or other configuration files stashed about the > > place. > > The info on how to do that has not exactly been front page news in my > local fishwrap.
Considering that you are running an apache server, AND it faces the world, this lack of publicity about a fix for your machine seems to be a serious lack on the part of the local rag for not publishing it with lots of noise. Its management needs a good talking to. Alternatively, (and this is far more likely), it looks like a fairly serious bit of cocking up on the part of whoever administers your machines. You should have words with them about keeping on top of security issues. Strong language maybe, but it needs to be said. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150312191531.gf8...@copernicus.demon.co.uk
