dholbachgood morning07:10
bohrmeistaI was wondering why SSLv3 is still used in the current OpenSMTPD package of Ubuntu 14.0416:23
bohrmeistaand figured it can only be changed at compile time16:23
jpdsI think most people use postfix16:24
bohrmeistastill, it might be worth changing for security purposes16:26
rbasakbohrmeista: it's in universe so it's out of Canonical's security team's remit. But if somebody wants to submit a suitable update, they'll review and sponsor it. You can coordinate with them in #ubuntu-hardened to discuss proposed fixes, etc.16:42
rbasakIt might be worth looking at what the Debian maintainer of the package thinks is appropriate too.16:43
rbasakKeep in mind that we don't want to regress users of the stable release either by recommending an update to them that will break things.16:43
rbasakSo it's a tough balance that needs to be struck.16:43
bohrmeistaI see, thanks for the answer16:45

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!