Overview
Request 258173 superseded
Serf 1.3.8
This release fixes a problem with handling very large gzip-
encoded HTTP responses and disables SSLv2 and SSLv3.
* CRC calculation error for gzipped http reponses > 4GB.
* SSPI CredHandle not freed when APR pool is destroyed.
* Disable SSLv2 and SSLv3 as both or broken [boo#901968]
- Created by AndreasStieger
- In state superseded
- Superseded by 258898
Request History
AndreasStieger created request
Serf 1.3.8
This release fixes a problem with handling very large gzip-
encoded HTTP responses and disables SSLv2 and SSLv3.
* CRC calculation error for gzipped http reponses > 4GB.
* SSPI CredHandle not freed when APR pool is destroyed.
* Disable SSLv2 and SSLv3 as both or broken [boo#901968]
mgriessmeier declined request
Can you please add something like "Disable SSL to fix CVE-2014-3566 (POODLE)" to your .changes so that the CVE is listed in the mentioned issues?
Thanks in advance
AndreasStieger superseded request
superseded to add to changelog