Debian Security Advisory DSA 875-1 - Yutaka Oiwa discovered a vulnerability in the Open Secure Socket Layer (OpenSSL) library that can allow an attacker to perform active protocol-version rollback attacks that could lead to the use of the weaker SSL 2.0 protocol even though both ends support SSL 3.0 or TLS 1.0.
e7ab26408e5d2c65bcc64537ceb0b3da408d12e29953bbde9cfc2925fddc3f60