[Bug 1358305] [NEW] harden default ssl settings

2014-08-18 Thread Christoph_vW
Public bug reported:

The Apache 2 default SSL configuration should be hardened to get better
overall SSL security.

My proposal:

/etc/apache2/mods-available/ssl.conf

SSLHonorCipherOrder on
SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA256:DHE-RSA-DES-CBC3-SHA:DHE-RSA-AES128-SHA:DES-CBC3-SHA

SSLProtocol all -SSLv2 -SSLv3


SSLUseStapling on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off
SSLStaplingCache shmcb:/var/run/ocsp(128000)

** Affects: apache2 (Ubuntu)
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/1358305

Title:
  harden default ssl settings

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1358305/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
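
Added example (not part of the original bug report, and not Apache or Ubuntu code): a small Python audit of the mod_ssl directives proposed above. It lists suites without forward secrecy, the DHE suites whose strength depends on the server's DH parameters (the concern of bugs 1197884 and 1219804 further down), and any legacy protocols left enabled. The function names and report keys are assumptions made for this example.

```python
# Added example: audit of mod_ssl directives (not code from the bug report).
# Constructed input: the settings proposed in the report.
PROPOSED = """\
SSLHonorCipherOrder on
SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA256:DHE-RSA-DES-CBC3-SHA:DHE-RSA-AES128-SHA:DES-CBC3-SHA
SSLProtocol all -SSLv2 -SSLv3
SSLUseStapling on
"""

def parse_directives(text):
    """Map lower-cased directive name -> argument string (last one wins)."""
    conf = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if parts and not parts[0].startswith(("#", "<")):
            conf[parts[0].lower()] = parts[1] if len(parts) > 1 else ""
    return conf

def protocol_enabled(spec, proto):
    """Apply the +/- tokens of an SSLProtocol value in order.
    Assumption: a missing directive behaves like 'all'."""
    on = False
    for tok in spec.split() or ["all"]:
        sign, name = (tok[0], tok[1:]) if tok[0] in "+-" else ("+", tok)
        if name.lower() in ("all", proto.lower()):
            on = sign == "+"
    return on

def audit(text):
    """Return a report dict for the SSL directives found in text."""
    conf = parse_directives(text)
    report = {"no_fs": [], "dhe": [], "3des": [], "unexpanded": []}
    for suite in filter(None, conf.get("sslciphersuite", "").split(":")):
        if suite[0] in "!+-@" or "-" not in suite:
            report["unexpanded"].append(suite)  # keyword/operator: expand with `openssl ciphers -v`
            continue
        if suite.startswith(("DHE-", "EDH-")):
            report["dhe"].append(suite)    # forward secret; strength depends on DH parameters
        elif not suite.startswith("ECDHE-"):
            report["no_fs"].append(suite)  # simplification: treated as non-ephemeral key exchange
        if "DES-CBC3" in suite:
            report["3des"].append(suite)
    proto = conf.get("sslprotocol", "")
    report["legacy_protocols"] = [p for p in ("SSLv2", "SSLv3") if protocol_enabled(proto, p)]
    report["honor_order"] = conf.get("sslhonorcipherorder", "off").lower() == "on"
    report["stapling"] = conf.get("sslusestapling", "off").lower() == "on"
    return report

if __name__ == "__main__":
    print(audit(PROPOSED))
```

Run against the proposal, the report shows no legacy protocols, three DHE suites, and one suite without forward secrecy (the trailing DES-CBC3-SHA fallback).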


[Bug 1197884] Re: apache2.2 SSL has no forward-secrecy: need ECDHE keys

2013-09-10 Thread Christoph_vW
Don't you think it would be better to backport this for Apache 2.2?
What about all the Ubuntu 12.04 LTS versions which will be running for some
more years?

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/1197884



[Bug 1219804] Re: Support custom DH parameter file in apache 2.4

2013-09-05 Thread Christoph_vW
http://blog.ivanristic.com/2013/08/increasing-dhe-strength-on-apache.html

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/1219804



[Bug 1219804] [NEW] Support custom DH parameter file in apache 2.4

2013-09-02 Thread Christoph_vW
Public bug reported:

Support custom DH parameter file in apache 2.4:
https://issues.apache.org/bugzilla/show_bug.cgi?id=49559

This would allow for better Forward Secrecy Support without having a
weak key exchange (for DHE ciphers).

** Affects: apache2 (Ubuntu)
 Importance: Undecided
 Status: New



[Bug 939300] Re: Update Apache to 2.4

2013-08-26 Thread Christoph_vW
I would like to see this patch included as well:
https://issues.apache.org/bugzilla/show_bug.cgi?id=49559

This would allow for better Forward Secrecy Support without having a
weak key exchange.

** Bug watch added: Apache Software Foundation Bugzilla #49559
   http://issues.apache.org/bugzilla/show_bug.cgi?id=49559

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/939300



[Bug 988819] Re: wrong path to libxml2.so.2 in mod_security

2012-04-27 Thread Christoph_vW
** Tags added: precise

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/988819



[Bug 988819] Re: wrong path to libxml2.so.2 in mod_security

2012-04-26 Thread Christoph_vW
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670247



[Bug 988819] Re: wrong path to libxml2.so.2 in mod_security

2012-04-26 Thread Christoph_vW
Ubuntu 12.04 LTS

** Bug watch added: Debian Bug tracker #670247
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670247



[Bug 988819] [NEW] wrong path to libxml2.so.2 in mod_security

2012-04-26 Thread Christoph_vW
Public bug reported:

service apache2 restart
apache2: Syntax error on line 210 of /etc/apache2/apache2.conf: Syntax error on line 1 of /etc/apache2/mods-enabled/mod-security.load: Cannot load /usr/lib/libxml2.so.2 into server: /usr/lib/libxml2.so.2: cannot open shared object file: No such file or directory
Action 'configtest' failed.
The Apache error log may have more information.
   ...fail!


in file /etc/apache2/mods-enabled/mod-security.load:
LoadFile /usr/lib/libxml2.so.2


correct path on x86 would be /usr/lib/i386-linux-gnu/libxml2.so.2

maybe a symlink could fix this issue?

** Affects: apache2 (Ubuntu)
 Importance: Undecided
 Status: New
