Bug#943415: apache2: Disable TLS 1.0 and 1.1 by default

Package: apache2 Version: 2.4.38-3 Hi, I was expecting TLS 1.0 and 1.1 to be disabled, since that's the OpenSSL default. But it seems that apache2 always calls SSL_CTX_set_min_proto_version, with the lowest version that's enabled in the config file, even if the config file doesn't doesn't

Bug#828236: [Pkg-openssl-devel] Bug#844160: openssl 1.1 and apache2

On Wed, Nov 16, 2016 at 11:05:13PM +0100, Stefan Fritsch wrote: > Hi, > > [I have trimmed the cc list a bit] > > On Wednesday, 16 November 2016 20:36:49 CET Kurt Roeckx wrote: > > On Mon, Nov 14, 2016 at 03:06:44PM -0800, Russ Allbery wrote: > > > Stefan Fr

Bug#828236: [Pkg-openssl-devel] Bug#844160: openssl 1.1 and apache2

On Wed, Nov 16, 2016 at 10:26:48PM +0200, Adrian Bunk wrote: > On Wed, Nov 16, 2016 at 08:36:49PM +0100, Kurt Roeckx wrote: > > On Mon, Nov 14, 2016 at 03:06:44PM -0800, Russ Allbery wrote: > > > Stefan Fritsch <s...@debian.org> writes: > > > > > > >

Bug#828236: [Pkg-openssl-devel] Bug#844160: openssl 1.1 and apache2

On Mon, Nov 14, 2016 at 03:06:44PM -0800, Russ Allbery wrote: > Stefan Fritsch writes: > > > I must admit that I did not think of php when doing that change, sorry. > > > On the other hand, shibboleth-sp2 also build-depends on apache2-dev and > > there > > have been some

Bug#828236: Bug#844160: marked as done (apache2-dev should depend on libssl1.0-dev)

On Mon, Nov 14, 2016 at 05:03:45AM +0100, Ondřej Surý wrote: > > Looking at mod_ssl_openssl.h and the comment in #828330, > > I'd suggest the change below to add a dependency on libssl1.0-dev > > to apache2-dev. > > And that exactly happens meaning that PHP 7.0 can no longer be built > unless all

Bug#828236: Apache2 with openssl 1.1.0

On Wed, Nov 09, 2016 at 11:44:49PM +0100, Stefan Fritsch wrote: > Hi Kurt, > > On Sunday, 25 September 2016 19:51:08 CET Debian Bug Tracking System wrote: > > Processing commands for cont...@bugs.debian.org: > > > tags 828236 + patch > > > > Bug #828236 [src:apache2] apache2: FTBFS with openssl

Bug#828237: apr-util: FTBFS with openssl 1.1.0

Source: apr-util Version: 1.5.4-1 Severity: important Control: block 827061 by -1 Hi, OpenSSL 1.1.0 is about to released. During a rebuild of all packages using OpenSSL this package fail to build. A log of that build can be found at:

Bug#828236: apache2: FTBFS with openssl 1.1.0

Source: apache2 Version: 2.4.20-1 Severity: important Control: block 827061 by -1 Hi, OpenSSL 1.1.0 is about to released. During a rebuild of all packages using OpenSSL this package fail to build. A log of that build can be found at:

Re: Bug#733564: pu: apache2 with ECDHE support

On Wed, May 07, 2014 at 10:34:43PM +0100, Adam D. Barratt wrote: On Thu, 2014-05-01 at 15:59 +0200, Kurt Roeckx wrote: On Mon, Apr 14, 2014 at 09:57:21PM +0200, Stefan Fritsch wrote: Am Montag, 14. April 2014, 21:18:46 schrieb Philipp Kern: So I'd say that we should go and add ECDHE

Re: Bug#733564: pu: apache2 with ECDHE support

when restart-without-asking is set. +(Closes: #745801) + + -- Kurt Roeckx k...@roeckx.be Thu, 01 May 2014 15:06:05 +0200 + openssl (1.0.1e-2+deb7u7) wheezy-security; urgency=high * Non-maintainer upload by the Security Team. diff -Nru openssl-1.0.1e/debian/libssl1.0.0.postinst openssl

Re: Bug#733564: pu: apache2 with ECDHE support

On Sun, Apr 27, 2014 at 03:39:13PM +0200, Philipp Kern wrote: Hi, On Thu, Apr 17, 2014 at 06:46:00PM +0200, Kurt Roeckx wrote: I would like to also add support for the padding extention in stable. It's part of the 1.0.1g release. NACK, at least for now. I might have not mailed

Re: Bug#733564: pu: apache2 with ECDHE support

On Mon, Apr 14, 2014 at 10:07:30PM +0200, Kurt Roeckx wrote: On Mon, Apr 14, 2014 at 09:57:21PM +0200, Stefan Fritsch wrote: Am Montag, 14. April 2014, 21:18:46 schrieb Philipp Kern: So I'd say that we should go and add ECDHE support to Apache as suggested and also patch OpenSSL

Re: Bug#733564: pu: apache2 with ECDHE support

On Mon, Apr 14, 2014 at 09:57:21PM +0200, Stefan Fritsch wrote: Am Montag, 14. April 2014, 21:18:46 schrieb Philipp Kern: So I'd say that we should go and add ECDHE support to Apache as suggested and also patch OpenSSL for the OS X bug as the fingerprinting landed upstream and we would

Re: Bug#733564: pu: apache2 with ECDHE support

On Mon, Dec 30, 2013 at 01:41:31PM +0100, Cyril Brulebois wrote: Stefan Fritsch s...@sfritsch.de (2013-12-30): Am Sonntag, 29. Dezember 2013, 23:58:54 schrieb Kurt Roeckx: Adding ECDHE support in apache will probably require backporting the patches for that. I'm not sure how much work

Bug#733564: pu: apache2 with ECDHE support

Package: release.debian.org User: release.debian@packages.debian.org Usertags: pu Severity: normal Hi, I would like to see apache in stable support ECDHE. This was added somewhere in a 2.3 version and so only part of a stable release in 2.4. The reason I want to see is ECDHE is that we

openssl rfc5746 support

Hi, I've prepared a package to add rfc5746 support to openssl and plan to upload this to proposed updates. Since apache is actually one of the applicications people would like to have this support in, it would be nice if you could test my current version. The current version is available at:

Re: [Pkg-openssl-devel] Backport apache2 version = 2.2.12 ? With or without new openssl?

On Wed, Apr 14, 2010 at 09:54:50PM +0200, Stefan Fritsch wrote: On Wednesday 14 April 2010, Sandro Tosi wrote: On Mon, Apr 5, 2010 at 10:54, Stefan Fritsch s...@sfritsch.de wrote: - 2.2.15-2 still has some bugs in mod_reqtimeout, 2.2.15-3 would be better (but will take some time until it

Bug#519322: apache2.2-common: mod_status stats are wrong.

Package: apache2.2-common Version: 2.2.9-10+lenny2 Hi, I've enabled mod_status and I've been looking at the stats for some time and always was under the impression that they were way too high. But today the munin graph say it's been doing 400 MB/s for the past 3 hours, which makes no sense at

Bug#415698: severity of 415698 is serious

# Automatically generated email from bts, devscripts version 2.9.6 # This seems to break other packages, so I think it should be RC. severity 415698 serious -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#385004: apache-ssl: segfault when upgrading to 1.3.34-4

reassign 385004 openssl,apache-ssl,libapache-mod-php5 thanks This seems to be php problem, so I'm reassinging this. Kurt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#385004: #385004: apache-ssl: segfault when upgrading

Hi, I really don't have anything to look at now, and will need some more information. You say this crashed in the libssl library? Can you show me the backtrace? Please install the libssl0.9.8-dbg package, which should give you more debug information for the backtrace. Can you generate a