In ka badan 6 sano laga soo bilaabo cusboonaysiintii ugu dambeysay
Waxaa ka mid ah
- Taageero lagu daray TLS 1.1, 1.2 iyo 1.3 (--sslproto {tls1.1+|tls1.2+|tls1.3+}). Ku dhis OpenSSL si toos ah (ugu yaraan laanta 1.0.2 ayaa looga baahan yahay inay shaqeyso, iyo TLSv1.3 - 1.1.1). Taageerada SSLv2 waa la joojiyay. Sida caadiga ah, halkii SSLv3 iyo TLSv1.0, STLS/STARTTLS waxay ku dhawaaqaysaa TLSv1.1. Si aad u soo celiso SSLv3, waxaad u baahan tahay inaad isticmaasho OpenSSL oo leh taageerada SSLv3 bidix oo ku socodsii fetchmail leh calanka "-sslproto ssl3+".
- Sida caadiga ah, qaabka hubinta shahaadada SSL waa la dajiyay (-sslcertck). Si aad u joojiso jeegga, waxaad hadda u baahan tahay inaad si cad u qeexdo ikhtiyaarka "--nosslcertck";
- Taageerada isku-dubaridaha C ee aadka u da'da weyn waa la joojiyay. Dhismuhu hadda wuxuu u baahan yahay isku-dubarid taageeraya heerka 2002 SUSv3 (Single Unix Specification v3, qayb hoosaad ah POSIX.1-2001 oo leh kordhinta XSI);
- Waxtarka UID raadinta waa la kordhiyey ("-keep UID" qaabka) marka la qaybinayo fariimaha sanduuqa boostada ee POP3;
- Horumarin badan ayaa la sameeyay si loo taageero isku xirka sirta ah;
- Go'an baylahnimada u horseedi karta kaydka buuxdhaafka ah ee koodhka xaqiijinta GSSAPI marka la adeegsanayo magacyada isticmaale ee ka badan 6000 xaraf.
Isku dar:
Source: opennet.ru