diff -Nru nginx-1.1.19/debian/changelog nginx-1.1.19/debian/changelog
--- nginx-1.1.19/debian/changelog	2014-02-03 10:21:51.000000000 -0500
+++ nginx-1.1.19/debian/changelog	2014-10-22 09:41:25.000000000 -0400
@@ -1,3 +1,10 @@
+nginx (1.1.19-1ubuntu0.7) precise-security; urgency=low
+
+  * debian/conf/sites-available/default: Remove SSLv3 from the ssl_protocols
+    line in the default config example, due to POODLE vulnerability.
+
+ -- Thomas Ward <teward@dark-net.net>  Wed, 22 Oct 2014 09:36:58 -0400
+
 nginx (1.1.19-1ubuntu0.6) precise-proposed; urgency=low
 
   * Enable building of the http_stub_status_module in nginx-naxsi, which was
diff -Nru nginx-1.1.19/debian/conf/sites-available/default nginx-1.1.19/debian/conf/sites-available/default
--- nginx-1.1.19/debian/conf/sites-available/default	2012-03-28 22:50:24.000000000 -0400
+++ nginx-1.1.19/debian/conf/sites-available/default	2014-10-22 09:40:24.000000000 -0400
@@ -110,7 +110,7 @@
 #
 #	ssl_session_timeout 5m;
 #
-#	ssl_protocols SSLv3 TLSv1;
+#	ssl_protocols TLSv1; # don’t use SSLv3 ref: POODLE
 #	ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
 #	ssl_prefer_server_ciphers on;
 #