Merge pull request #8179 from briandrawert/fix_poodle_ssl_attack

Fix for CVE-2014-3566 'POODLE' SSL attack

IPython/html/notebookapp.py

@@ -19,6 +19,7 @@ import re
 import select
 import signal
 import socket
+import ssl
 import sys
 import threading
 import webbrowser
@@ -846,6 +847,9 @@ class NotebookApp(BaseIPythonApplication):
         if not ssl_options:
             # None indicates no SSL config
             ssl_options = None
+        else:
+            # Disable SSLv3, since its use is discouraged.
+            ssl_options['ssl_version']=ssl.PROTOCOL_TLSv1
         self.login_handler_class.validate_security(self, ssl_options=ssl_options)
         self.http_server = httpserver.HTTPServer(self.web_app, ssl_options=ssl_options,
                                                  xheaders=self.trust_xheaders)