[gnutls-help] Question about POODLE tls1
bryan.quigley at canonical.com
Tue Nov 17 15:32:20 CET 2015
>gnutls 2.12 is not maintained since long time. However, poodle is easily
>solvable by disabling SSL 3.0. There should be a configuration setting in
>the program that you use to achieve that.
That's what I assumed as well, but since Poodle was released it was
found to also affect some implementations of TLS. This is a test
server  (using cups TLS) that has SSLv3 disabled but ssllabs has
determined TLS is affected by Poodle. The best description of this
slightly different Poodle is available here.
Poodle affecting TLS has only been known for a few months, which means
the fix was done long before this was known..
More information about the Gnutls-help