[wp-trac] [WordPress Trac] #36320: PayPal 2016 merchant security upgrades - Core defaults need to be changed

WordPress Trac noreply at wordpress.org
Thu Mar 24 13:10:46 UTC 2016


#36320: PayPal 2016 merchant security upgrades - Core defaults need to be changed
--------------------------+------------------------
 Reporter:  reidbusi      |       Owner:
     Type:  defect (bug)  |      Status:  closed
 Priority:  normal        |   Milestone:
Component:  General       |     Version:  4.4.2
 Severity:  normal        |  Resolution:  duplicate
 Keywords:                |     Focuses:
--------------------------+------------------------
Changes (by dd32):

 * status:  new => closed
 * resolution:   => duplicate
 * severity:  major => normal
 * milestone:  Awaiting Review =>


Comment:

 Unfortunately this is a case where the PHP inbuilt cURL cannot auto-
 negotiate the correct TLS version (although it supports 1.2, it doesn't
 negotiate it correctly).
 Forcing all connections to 1.2 isn't a viable option for WordPress, as not
 all servers support it.

 This is already being discussed in #34924

--
Ticket URL: <https://core.trac.wordpress.org/ticket/36320#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list