[Bug 53394] New: Log warning if SSLv2 is enabled

bugzilla Mon, 11 Jun 2012 05:11:20 -0700

https://issues.apache.org/bugzilla/show_bug.cgi?id=53394


          Priority: P2
            Bug ID: 53394
          Assignee: dev@tomcat.apache.org
           Summary: Log warning if SSLv2 is enabled
          Severity: major
    Classification: Unclassified
                OS: All
          Reporter: 1983-01...@gmx.net
          Hardware: All
            Status: NEW
           Version: 6.0.35
         Component: Connectors
           Product: Tomcat 6

We recently had a security scan I was not aware that your APR Connector has
SSLv2 activated.
Since SSLv2 is unsecure, it would be best to emit a WARN message if any SSL
connector has this protocol still enabled.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 53394] New: Log warning if SSLv2 is enabled

Reply via email to