Hi, if you care to look into the changelog, you'll see that the security upgrade disabled SSLv3.
After that, only TLS 1.2 with a handful of ciphers is left, see https://lists.debian.org/debian-lts/2017/04/msg00002.html If your clients are unable to connect, they're probably as outdated and insecure as your ejabberd. I haven't had problems with gajim and psi+, and Guido also tested a few other clients. As stated in above mail: If people want to be able to configure TLS versions and ciphers themselves, they'll have to upgrade to a newer ejabberd (which I would strongly recommend anyway). Two weeks ago I uploaded 14.07 to wheezy-backports and 16.09 to wheezy-backports-sloppy. Upstream has documented the update procedure here: https://docs.ejabberd.im/admin/upgrade/ If you want to keep your outdated and insecure ejabberd, simply put the package on hold. I doubt very much that another update of the wheezy package is going to happen. Regards, -- .''`. Philipp Huebner <debala...@debian.org> : :' : pgp fp: 6719 25C5 B8CD E74A 5225 3DF9 E5CA 8C49 25E4 205F `. `'` `-
signature.asc
Description: OpenPGP digital signature
