summaryrefslogtreecommitdiff
path: root/doc/doc-txt
diff options
context:
space:
mode:
authorPhil Pennock <pdp@exim.org>2012-05-06 02:50:57 -0700
committerPhil Pennock <pdp@exim.org>2012-05-06 02:50:57 -0700
commitf0f5a555bee153477d12bcbce90875d46884281c (patch)
tree7d1c217de6f49a7b70c1058afe7eb4680bb39d04 /doc/doc-txt
parent5bfb4cdf352ad40304c6bbf0d826569dea761699 (diff)
Disable SSLv2 by default.
Diffstat (limited to 'doc/doc-txt')
-rw-r--r--doc/doc-txt/ChangeLog2
-rw-r--r--doc/doc-txt/NewStuff4
-rw-r--r--doc/doc-txt/OptionLists.txt2
3 files changed, 7 insertions, 1 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index ed226b756..6b2b62cdb 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -86,6 +86,8 @@ PP/19 DNS resolver init changes for NetBSD compatibility. (Risk of breakage
Not seeing resolver debug output on NetBSD, but suspect this is a
resolver implementation change.
+PP/20 Disable SSLv2 by default in OpenSSL support.
+
Exim version 4.77
-----------------
diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index 2872d241f..6eae4ce7b 100644
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -56,6 +56,10 @@ Version 4.78
Currently OpenSSL only.
+ 8. SSLv2 now disabled by default in OpenSSL. (Never supported by GnuTLS).
+ Use "openssl_options -no_sslv2" to re-enable support, if your OpenSSL
+ install was not built with OPENSSL_NO_SSL2 ("no-ssl2").
+
Version 4.77
------------
diff --git a/doc/doc-txt/OptionLists.txt b/doc/doc-txt/OptionLists.txt
index 52a24b198..d6fedcb5c 100644
--- a/doc/doc-txt/OptionLists.txt
+++ b/doc/doc-txt/OptionLists.txt
@@ -373,7 +373,7 @@ once string* unset autoreply
once_file_size integer 0 autoreply 3.20
once_repeat time 0s autoreply 2.95
one_time boolean false redirect 4.00
-openssl_options string unset main 4.73 default to unset in 4.78
+openssl_options string +no_sslv2 main 4.73 default changed in 4.78
optional boolean false iplookup 4.00
oracle_servers string unset main 4.00
owners string list unset redirect 4.00