Secure Client-Initiated Renegotiation

sergio sergio at outerface.net
Fri Apr 12 00:28:01 EEST 2019


Hello.

I've just tested my system that runs dovecot 2.3.4.1 on debian buster 
with testssl.sh (https://testssl.sh/) and is says:

Secure Renegotiation (CVE-2009-3555)    not vulnerable (OK)
Secure Client-Initiated Renegotiation   VULNERABLE (NOT ok), potential 
DoS threat

Is this a configuration or a compilation issue and how to solve it?

-- 
sergio.


More information about the dovecot mailing list