Hide Forgot
Description of problem: In stunnel-4.29-3.el6_6.1 in default configuration, when Server Hello advertises SSL 3.0 only, stunnel replies with "Handshake Failure" and rejects the connection. Now in stunnel-4.29-6.el6 in default configuration stunnel accepts SSL 3.0 which is insecure. Version-Release number of selected component (if applicable): stunnel-4.29-6.el6 How reproducible: always Steps to Reproduce: 1. configure stunnel without sslVersion directive in stunnel.conf 2. configure "openssl s_server" with "-ssl3" option Actual results: Connection from stunnel to s_server established Expected results: Connection from stunnel to s_server rejected Additional info:
The change was not accidental. This is fix for bug 1215707.