Ondřej, are you taking care of this one or do you need help with it? Asking because this will lead to removal of irssi and related packages from testing, which I’d like to avoid.
Kurt Roeckx <k...@roeckx.be> writes: > Source: dnsval > Version: 2.0-2 > Severity: serious > > Hi, > > Version 2.0 has this line in dane_check.c: > const SSL_METHOD *meth = SSLv3_client_method(); > > On the other hand, the 2.1 version has: > const SSL_METHOD *meth = SSLv23_client_method(); > > (It also explicitly disables SSLv2 and SSLv3, but that doesn't > have any effect in Debian since jessie.) > > Please change the 2.0 to use SSLv23_client_method() that actually > support multiple versions. The SSLv3_client_method only talks > SSLv3. > > Also please consider backporting to stable, you really don't want > to use SSLv3. > > > Kurt > > > -- Best regards, Michael
