SommitRealWeird

Pound and POODLE

Over the last week I've been working to get the patches for Pound into Debian for the POODLE vulnerability. The new package in unstable has the DisableSSLv3 option available, which allows for disabling SSLv3 (fundamental for POODLE), and is waiting to migrate to testing; once that's happened I'll be looking to get that version into wheezy-backports.

In the meantime, I'm currently rebuilding my personal repository, and will update this post once it's available, along with the GPG public key that it's signed with. The repository will contain wheezy-backports versions of pound, built from the unstable sources, along with a newer version of pound from the current experimental (2.7d) release of pound.

I also raised a ticket for EPEL 7 to get them to update from the 2.7c version that they currently have in the repository to the 2.7d version, which mostly only has the added option to disable various versions of SSL, and that appears to currently be in progress.

Internally at Mythic Beasts we have a repository for managed customers which already has the patched versions for both CentOS and Debian Wheezy.

Posted: 2014-10-24 17:18 in Tech, and Work