This bug also breaks subversion (see #336373; the bug was closed but it's still broken).
For subversion, which goes through apache, I found that a workaround is to limit the ciphers on the Apache end. Removing all SSLv3 ciphers except RC4 seems to do the trick. For example, my apache2 configuration now has: SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA Perhaps a similar workaround can help Nessus et al. until this bug finally gets fixed. -jim -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
