•  
      request #7999 Default Apache conf provided with Tuleap still allow SSLv3 and weak ciphers
    Infos
    #7999
    Thomas Gerbet (tgerbet)
    2015-06-29 09:39
    2015-04-13 16:56
    8018
    Details
    Default Apache conf provided with Tuleap still allow SSLv3 and weak ciphers
    The configuration file provided by Tuleap is outdated and allow the use of deprecated protocol and/or weak ciphers.

    References
    CVE-2014-3566
    CVE-2011-3389
    Installation process
    All
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Empty
    Closed
    2015-06-29
    Attachments
    Empty
    References

    Follow-ups

    User avatar
    Merged in Tuleap 8.3.99.5

    • Status changed from Under review to Closed
    • Close date set to 2015-06-29