Package: apache2
Version: 2.4.38-3
Hi,
I was expecting TLS 1.0 and 1.1 to be disabled, since that's the
OpenSSL default. But it seems that apache2 always calls
SSL_CTX_set_min_proto_version, with the lowest version that's
enabled in the config file, even if the config file doesn't
doesn't
On Wed, Nov 16, 2016 at 11:05:13PM +0100, Stefan Fritsch wrote:
> Hi,
>
> [I have trimmed the cc list a bit]
>
> On Wednesday, 16 November 2016 20:36:49 CET Kurt Roeckx wrote:
> > On Mon, Nov 14, 2016 at 03:06:44PM -0800, Russ Allbery wrote:
> > > Stefan Fr
On Wed, Nov 16, 2016 at 10:26:48PM +0200, Adrian Bunk wrote:
> On Wed, Nov 16, 2016 at 08:36:49PM +0100, Kurt Roeckx wrote:
> > On Mon, Nov 14, 2016 at 03:06:44PM -0800, Russ Allbery wrote:
> > > Stefan Fritsch <s...@debian.org> writes:
> > >
> > > >
On Mon, Nov 14, 2016 at 03:06:44PM -0800, Russ Allbery wrote:
> Stefan Fritsch writes:
>
> > I must admit that I did not think of php when doing that change, sorry.
>
> > On the other hand, shibboleth-sp2 also build-depends on apache2-dev and
> > there
> > have been some
On Mon, Nov 14, 2016 at 05:03:45AM +0100, Ondřej Surý wrote:
> > Looking at mod_ssl_openssl.h and the comment in #828330,
> > I'd suggest the change below to add a dependency on libssl1.0-dev
> > to apache2-dev.
>
> And that exactly happens meaning that PHP 7.0 can no longer be built
> unless all
On Wed, Nov 09, 2016 at 11:44:49PM +0100, Stefan Fritsch wrote:
> Hi Kurt,
>
> On Sunday, 25 September 2016 19:51:08 CET Debian Bug Tracking System wrote:
> > Processing commands for cont...@bugs.debian.org:
> > > tags 828236 + patch
> >
> > Bug #828236 [src:apache2] apache2: FTBFS with openssl
Source: apr-util
Version: 1.5.4-1
Severity: important
Control: block 827061 by -1
Hi,
OpenSSL 1.1.0 is about to released. During a rebuild of all packages using
OpenSSL this package fail to build. A log of that build can be found at:
Source: apache2
Version: 2.4.20-1
Severity: important
Control: block 827061 by -1
Hi,
OpenSSL 1.1.0 is about to released. During a rebuild of all packages using
OpenSSL this package fail to build. A log of that build can be found at:
On Wed, May 07, 2014 at 10:34:43PM +0100, Adam D. Barratt wrote:
On Thu, 2014-05-01 at 15:59 +0200, Kurt Roeckx wrote:
On Mon, Apr 14, 2014 at 09:57:21PM +0200, Stefan Fritsch wrote:
Am Montag, 14. April 2014, 21:18:46 schrieb Philipp Kern:
So I'd say that we should go and add ECDHE
when restart-without-asking is set.
+(Closes: #745801)
+
+ -- Kurt Roeckx k...@roeckx.be Thu, 01 May 2014 15:06:05 +0200
+
openssl (1.0.1e-2+deb7u7) wheezy-security; urgency=high
* Non-maintainer upload by the Security Team.
diff -Nru openssl-1.0.1e/debian/libssl1.0.0.postinst openssl
On Sun, Apr 27, 2014 at 03:39:13PM +0200, Philipp Kern wrote:
Hi,
On Thu, Apr 17, 2014 at 06:46:00PM +0200, Kurt Roeckx wrote:
I would like to also add support for the padding extention in
stable. It's part of the 1.0.1g release.
NACK, at least for now.
I might have not mailed
On Mon, Apr 14, 2014 at 10:07:30PM +0200, Kurt Roeckx wrote:
On Mon, Apr 14, 2014 at 09:57:21PM +0200, Stefan Fritsch wrote:
Am Montag, 14. April 2014, 21:18:46 schrieb Philipp Kern:
So I'd say that we should go and add ECDHE support to Apache as
suggested and also patch OpenSSL
On Mon, Apr 14, 2014 at 09:57:21PM +0200, Stefan Fritsch wrote:
Am Montag, 14. April 2014, 21:18:46 schrieb Philipp Kern:
So I'd say that we should go and add ECDHE support to Apache as
suggested and also patch OpenSSL for the OS X bug as the
fingerprinting landed upstream and we would
On Mon, Dec 30, 2013 at 01:41:31PM +0100, Cyril Brulebois wrote:
Stefan Fritsch s...@sfritsch.de (2013-12-30):
Am Sonntag, 29. Dezember 2013, 23:58:54 schrieb Kurt Roeckx:
Adding ECDHE support in apache will probably require backporting the
patches for that. I'm not sure how much work
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: pu
Severity: normal
Hi,
I would like to see apache in stable support ECDHE. This was
added somewhere in a 2.3 version and so only part of a stable
release in 2.4.
The reason I want to see is ECDHE is that we
Hi,
I've prepared a package to add rfc5746 support to openssl and
plan to upload this to proposed updates. Since apache is actually
one of the applicications people would like to have this support
in, it would be nice if you could test my current version.
The current version is available at:
On Wed, Apr 14, 2010 at 09:54:50PM +0200, Stefan Fritsch wrote:
On Wednesday 14 April 2010, Sandro Tosi wrote:
On Mon, Apr 5, 2010 at 10:54, Stefan Fritsch s...@sfritsch.de wrote:
- 2.2.15-2 still has some bugs in mod_reqtimeout, 2.2.15-3 would
be better (but will take some time until it
Package: apache2.2-common
Version: 2.2.9-10+lenny2
Hi,
I've enabled mod_status and I've been looking at the stats for
some time and always was under the impression that they were way
too high.
But today the munin graph say it's been doing 400 MB/s for the past
3 hours, which makes no sense at
# Automatically generated email from bts, devscripts version 2.9.6
# This seems to break other packages, so I think it should be RC.
severity 415698 serious
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
reassign 385004 openssl,apache-ssl,libapache-mod-php5
thanks
This seems to be php problem, so I'm reassinging this.
Kurt
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Hi,
I really don't have anything to look at now, and will need some more
information. You say this crashed in the libssl library? Can you show
me the backtrace? Please install the libssl0.9.8-dbg package, which
should give you more debug information for the backtrace.
Can you generate a
21 matches
Mail list logo