Your message dated Tue, 04 Aug 2015 21:17:33 +
with message-id e1zmjax-0007fd...@franck.debian.org
and subject line Bug#780398: fixed in apache2 2.2.22-13+deb7u5
has caused the Debian Bug report #780398,
regarding weak/insecure diffie-hellman parameters
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
780398: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780398
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
---BeginMessage---
Package: apache2
Version: 2.2.22-13+deb7u4
Hi!
As Wheezy will be around for some more time (and squeeze-lts might also be
interested in getting a little extra security), would you please consider
backporting the DHE parameter size feature of Apache 2.4 to Apache 2.2 as
you did with EC support?
Thanks, all the best,
Adi Kriegisch
PS: If you need more information and/or reasoning, please let me know!
---End Message---
---BeginMessage---
Source: apache2
Source-Version: 2.2.22-13+deb7u5
We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 780...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Stefan Fritsch s...@debian.org (supplier of updated apache2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 01 Aug 2015 22:08:57 +0200
Source: apache2
Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork
apache2-mpm-event apache2-mpm-itk apache2-utils apache2-suexec
apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev
apache2-threaded-dev apache2-dbg
Architecture: source amd64 all
Version: 2.2.22-13+deb7u5
Distribution: wheezy-security
Urgency: medium
Maintainer: Debian Apache Maintainers debian-apache@lists.debian.org
Changed-By: Stefan Fritsch s...@debian.org
Description:
apache2 - Apache HTTP Server metapackage
apache2-dbg - Apache debugging symbols
apache2-doc - Apache HTTP Server documentation
apache2-mpm-event - Apache HTTP Server - event driven model
apache2-mpm-itk - multiuser MPM for Apache 2.2
apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model
apache2-mpm-worker - Apache HTTP Server - high speed threaded model
apache2-prefork-dev - Apache development headers - non-threaded MPM
apache2-suexec - Standard suexec program for Apache 2 mod_suexec
apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec
apache2-threaded-dev - Apache development headers - threaded MPM
apache2-utils - utility programs for webservers
apache2.2-bin - Apache HTTP Server common binary files
apache2.2-common - Apache HTTP Server common files
Closes: 780398
Changes:
apache2 (2.2.22-13+deb7u5) wheezy-security; urgency=medium
.
* CVE-2015-3183: Fix request smuggling via chunked transfer encoding.
  Backported by Marc Deslauriers.
* Don't limit default DH parameters to 1024 bits. Closes: #780398
  This may cause problems with some Java based clients. A work-around is to
  configure these clients not to use DHE key exchange but use ECDHE or RSA
  instead.
  A server-side work-around that limits the DH parameters to 1024 bits for
  all clients is described at
  http://httpd.apache.org/docs/trunk/ssl/ssl_faq.html#javadh .
* Backport support for adding DH parameters to the SSLCertificateFile.
Checksums-Sha1: