On Wed, 2015-01-14 at 22:39 -0700, Chris Murphy wrote: > On Wed, Jan 14, 2015 at 7:40 PM, Matthew Saltzman <mjs@xxxxxxxxxxx> wrote: > > SSLLabs reports a couple of servers of mine have SSL v3 enabled and are > > vulnerable to POODLE. I followed instructions for Apache httpd at > > https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/, but that does not seem to cure the problem. SSLLabs still reports the servers as vulnerable. Does anyone know what I'm missing? > > > > The server also runs Trac and Subversion servers and a separate vhost > > runs Jenkins. Does something special need to be done for those > > services? > > > > (These are, in fact, RHEL 7 servers running httpd-2.2.15-39.el6.x86_64, > > but I hope someone here will know what's going on.) > > > RHEL servers have support from Red Hat, send an email or pick up the > phone. The patches between RHEL and Fedora are documented, but unless > someone actually knows the answer it's totally non-obvious how to > answer your question other than "yes I realize it's 2015, but here's > how you use a telephone..." > Well, this is a site license at a large university, so in order to get to RH support, I have to go through (sometimes not very responsive or helpful) institutional IT middlemen. So I thought I'd ask here first, in case the answer was simple and/or common across httpd versions, because sometimes folks on this list are generous and willing to help out in such cases. Sorry to bother you. -- Matthew Saltzman Clemson University Math Sciences mjs AT clemson DOT edu -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
