Thanks David & Andreas .
regards
Mohsin
Software Enginner-Configuration Management
--
View this message in context:
http://subversion.1072662.n5.nabble.com/SSL-V3-Vulnerability-in-HTTP-Repository-Access-tp190716p190726.html
Sent from the Subversion Users mailing list archive at Nabble.com.
Thanks David & Andreas .
regards
Mohsin
Software Engineer-Configuration Management (CM)
--
View this message in context:
http://subversion.1072662.n5.nabble.com/SSL-V3-Vulnerability-in-HTTP-Repository-Access-tp190716p190727.html
Sent from the Subversion Users mailing list archiv
On 2014 Oct 25, at 6:33 PM, Mohsin wrote:
>> If you use HTTP "http://"; you are not using SSL/TLS. You are not
>> affected by POODLE, but also not using encryption.
>
> We are using HTTP so we are not affected by POODLE.
>
>
>> If using SSH/TLS, the server does not use serf. Turn off SSL 3.0
> On 26 Oct 2014, at 01:33, Mohsin wrote:
>
> Can you tell when SSH/TLS is used ? In my case we are using HTTP protocol.
Whenever a capable administrator configures the system to support it and users
use the correct scheme, or are forced to do so as is the case with many
production deployment
figuration. No upgrade required, simple configuration
>change.
Can you tell when SSH/TLS is used ? In my case we are using HTTP protocol.
How can I disable SSL 3.0 in Apache conf ?
Regards
Mohsin
--
View this message in context:
http://subversion.1072662.n5.nabble.com/SSL-V3-Vulnera
Hi,
On 25/10/14 23:26, Mohsin wrote:
> We are using HTTP protocol for repository access
> (http://abc.svn.com/svn/Repo/) over the internet for this case we are using
> tortoise svn client V 1.8.7 which is dependent on serf and serf is using SSL
> V3 . I just read serf version 1.3.5 is using SSL V3
-Vulnerability-in-HTTP-Repository-Access-tp190716.html
Sent from the Subversion Users mailing list archive at Nabble.com.
