On Mon, Apr 14, 2014 at 09:57:21PM +0200, Stefan Fritsch wrote: > Am Montag, 14. April 2014, 21:18:46 schrieb Philipp Kern: > > So I'd say that we should go and add ECDHE support to Apache as > > suggested and also patch OpenSSL for the OS X bug as the > > fingerprinting landed upstream and we would merely replicate > > current upstream behavior. > > OK, sounds good. > > Kurt, if the openssl patch is like [1], it would require that apache2 > is built against the updated version of openssl, due to the changed > value of SSL_OP_ALL. Can you please ping me when you have uploaded the > new package? Also, you should probably mention in the changelog that > only recompiled applications get to use the workaround.
I'll let you know when I've done an upload. Kurt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org