SoftwareCollections Bugs
I feel bad for creating a new discussion for this, however, I can't find a concrete answer to this. Where are the bugs reported for a SoftwareCollections package when installed from rhel-server-rhscl-7-eus-rpms? The website, softwarecollections.org, has no mention about this. It does mention copr, though, the packages are not hosted/listed there. Bugzilla has some bugs about packages that are not "official" Components, which I had assumed to mean that they don't belong there either.
That's the overall question. The specific question, and the reason why I started looking to begin with, was that the httpd24-mod_ssl package provides configuration files that allow SSLv3, making any system that installs that package vulnerable to POODLE by default.
# grep SSLProtocol /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
SSLProtocol all -SSLv2
Instead of
# grep SSLProtocol /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
SSLProtocol all -SSLv2 -SSLv3
or even something more refined like
# grep SSLProtocol /opt/rh/httpd24/root/etc/httpd/conf.d/ssl.conf
SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2
