Package: nginx Version: 1.6.2-2 Severity: important Hi,
Please disable the legacy SSLv3 protocol by default for installations of nginx. It doesn't need to be disabled completely per se, but should not be available on a default installation. This helps to defend against the recent "POODLE" attack (CVE-2014-3566). Thanks, Thijs -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
