Ruby Issue Tracking System

10/15/2014

06:18 AM Ruby master Bug #9424: ruby 1.9 & 2.x has insecure SSL/TLS client defaults

This patch is even more important now that SSLv3 has basically been completely deprecated by the POODLE attack. reed (Reed Loden)

06:15 AM Backport21 Backport #9640: Please backport SSL fixes to 2.1

Since the POODLE attack was released today (and is causing folks to generally disable SSLv3 everywhere), any possibil... reed (Reed Loden)