Debian Linux Security Advisory 4539-3 - The update for openssl released as DSA 4539-1 introduced a regression where AES-CBC-HMAC-SHA ciphers were not enabled. Updated openssl packages are now available to correct this issue.
18df6954681a95f7600d5f7005d8a30107bd8d960e5a7d9edcda66e4f1c26854