Firefox 34.0.5 has been released. This release changes the
default value for
security.tls.version.min from
0 to
1, which disables SSLv3 (the source of the poodle vulnerability).
If you've already changed this value to 1, you don't have to do anything - after upgrading, FF will still remember that you set the value to 1. If you want to change this setting from the
manual setting (Status =
user set ) of 1 to the
new default value (Status = default) of 1 (still) after upgrading, you can right-click the setting in
about:config and choose
Reset.
Personally, I reset it to the new default value.
Code:
Preference Name Status Type Value
security.tls.version.min default integer 1
This way I won't have to worry that Mozilla will one day need to change the default value to something else. AFIAK, changes to the default setting won't override a user modified value.
Either way, if you have security.tls.version.min = 1, you're protected.