- Joined
- Feb 27, 2003
- Messages
- 9,158
Hello,
DirectAdmin 1.46.3 RC1 is ready for an accelerated testing period.
Versions List for 1.46.3
This release is to allow TLSv1.0 and TLSv1.1, so that older browsers can use SSL with DA, without being affected to the Poodle exploit.
If all goes well, we'll release it on the 24th (tomorrow), so getting as many people trying them out as quickly as we can would be appreciated
The current cipher list of:
does protect you from Poodle, but also disables TLSv1.0 and TLSv1.1.
This important change was added to shut off the SSLv3 protocol, so that TLS 1.0 and 1.1 can work again.
Not that DA should automatically check for this old cipher, and will replace it with ssl_cipher=SSLv3 in the directadmin.conf (the SSLv3 cipher that we use, is different than the SSLv3 protocol, that we've disabled)
More info here on the Poodle changes in DA itself:
https://www.directadmin.com/features.php?id=1676
Other features:
Bugfixes:
You can test these binaries now from the pre-release section:
http://help.directadmin.com/item.php?id=408
John
DirectAdmin 1.46.3 RC1 is ready for an accelerated testing period.
Versions List for 1.46.3
This release is to allow TLSv1.0 and TLSv1.1, so that older browsers can use SSL with DA, without being affected to the Poodle exploit.
If all goes well, we'll release it on the 24th (tomorrow), so getting as many people trying them out as quickly as we can would be appreciated
The current cipher list of:
Code:
[COLOR=#000000][FONT=courier new]ssl_cipher=ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-SSLv3:-EXP[/FONT][/COLOR]
This important change was added to shut off the SSLv3 protocol, so that TLS 1.0 and 1.1 can work again.
Not that DA should automatically check for this old cipher, and will replace it with ssl_cipher=SSLv3 in the directadmin.conf (the SSLv3 cipher that we use, is different than the SSLv3 protocol, that we've disabled)
More info here on the Poodle changes in DA itself:
https://www.directadmin.com/features.php?id=1676
Other features:
- Domain Selector on selected pages.
- Custom HTTPD Config now shows the raw templates that will be used.
- Template DIFF so you can see what your custom templates might be missing.
Bugfixes:
- Re-add DKIM with zone reset
- pipe both stdout and stderr from backup_roundcube.sh to make debugging easier.
- IP Blacklist was blocking IPs before handshake, preventing the "Your IP is Blacklisted" message from being seen.
- Some backup errors were blank followed by the timestamp.
You can test these binaries now from the pre-release section:
http://help.directadmin.com/item.php?id=408
John