[gnutls-help] Question about POODLE tls1

Nikos Mavrogiannopoulos nmav at gnutls.org
Mon Nov 16 11:26:47 CET 2015


On Mon, Nov 16, 2015 at 9:10 AM, Seyeong Kim <seyeong.kim at canonical.com>
wrote:

> Hello
>
> I'm using cups but it seems having poodle tls1 vulnerable on ssllabs test
>
> POODLE (TLS)*Vulnerable   INSECURE* (more info
> <https://community.qualys.com/blogs/securitylabs/2014/12/08/poodle-bites-tls>
> )
> and same issue reported to launchpad
>
> https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1510163
>
> he is saying that
>
> gnutls26 | 2.12.23-12ubuntu2.2 | trusty-updates   | source
>


gnutls 2.12 is not maintained since long time. However, poodle is easily
solvable by disabling SSL 3.0. There should be a configuration setting in
the program that you use to achieve that.

regards,
Nikos
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20151116/1f7fc39d/attachment-0001.html>


More information about the Gnutls-help mailing list