On Wed, Jan 14, 2015 at 7:40 PM, Matthew Saltzman <mjs@xxxxxxxxxxx> wrote: > SSLLabs reports a couple of servers of mine have SSL v3 enabled and are > vulnerable to POODLE. I followed instructions for Apache httpd at > https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/, but that does not seem to cure the problem. SSLLabs still reports the servers as vulnerable. Does anyone know what I'm missing? > > The server also runs Trac and Subversion servers and a separate vhost > runs Jenkins. Does something special need to be done for those > services? > > (These are, in fact, RHEL 7 servers running httpd-2.2.15-39.el6.x86_64, > but I hope someone here will know what's going on.) RHEL servers have support from Red Hat, send an email or pick up the phone. The patches between RHEL and Fedora are documented, but unless someone actually knows the answer it's totally non-obvious how to answer your question other than "yes I realize it's 2015, but here's how you use a telephone..." -- Chris Murphy -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
