Date: Fri, 17 Oct 2014 12:34:50 +0800 From: Jia-Shiun Li <jiashiun@gmail.com> To: =?UTF-8?Q?Dag=2DErling_Sm=C3=B8rgrav?= <des@des.no> Cc: gecko@freebsd.org, ports-secteam@freebsd.org, chromium@freebsd.org Subject: Re: POODLE SSLv3 vulnerability Message-ID: <CAHNYxxP1h8P=fGcVGAXeOAU=DCweNYYa2vcypsB8KGkjBR1MOQ@mail.gmail.com> In-Reply-To: <86iojmgn40.fsf@nine.des.no> References: <86iojmgn40.fsf@nine.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Oct 15, 2014 at 9:03 AM, Dag-Erling Sm=C3=B8rgrav <des@des.no> wrot= e: > I would also like to do the same for Chrome, but I don't know the exact > procedure and I am unable to find out or test, since Chrome has been > broken for several months. according to askubuntu[1], for Chromium it is as simple as adding --ssl-version-min=3Dtls1 in command line. It can be added to the /usr/local/bin/chrome script executing the actual binary. [1]: http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-= poodle-vulnerability-cve-2014-3566 -Jia-Shiun.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHNYxxP1h8P=fGcVGAXeOAU=DCweNYYa2vcypsB8KGkjBR1MOQ>