[Pkg-openssl-devel] Bug#529221: Bug#529221: Netscape/OpenSSL Cipher Forcing Bug
Kurt Roeckx
kurt at roeckx.be
Wed Jan 20 21:41:43 UTC 2010
On Wed, Jan 20, 2010 at 09:37:01PM +0100, Florian Weimer wrote:
> * Andreas Schulze:
>
> > the Debian Bug Report #529221 seemes unchanged since 200905.
> > Could anybody post a status update?
>
> Is this, perchance, a PCI DSS compliance issue?
>
> I'm still not convinced that this is a security bug.
Yes, that's what this is about. And I'm not convinced either.
I would also like to point out that applications (the server)
do not have to set up those options.
Kurt
More information about the Pkg-openssl-devel
mailing list