On Tue, Mar 08, 2016 at 06:48:11PM +0200, Eero Volotinen wrote:
> Err. Is there patch to disable sslv2 in postfix 2.3 ?
No. The supported Postfix releases are at this time 2.10, 2.11,
3.0 and 3.1.
Since the underlying issue is in OpenSSL, instead disable SSLv2 in
OpenSSL, unless you're also using an EoL release of that. The
patches for 1.0.1r->1.0.1s can be backported to 0.9.8zh with a bit
of care.
You then might also want:
https://github.com/openssl/openssl/commit/133138569f37d149ed1d7641fe8c75a93fded445
Of course even better, just upgrade to 3.0.4 or 3.1.0.
--
Viktor.
