Re: [VOTE] Release httpd 2.2.27 as GA?

2014-03-26 Thread William A. Rowe Jr.
Yes... it appears to have been intermediary caches that threw me... the 2.4 and 2.2 new vulnerabilities are now in sync on the site. Thanks for confirming, Joe. On Mar 26, 2014 5:25 PM, "Joe Schaefer" wrote: > What is the specific issue Bill- afaict everything looks fine to me. > > > > > On Wedn

Re: [VOTE] Release httpd 2.2.27 as GA?

2014-03-26 Thread Joe Schaefer
What is the specific issue Bill- afaict everything looks fine to me. > On Wednesday, March 26, 2014 6:17 PM, William A. Rowe Jr. > wrote: > > On Mon, 17 Mar 2014 05:40:19 -0500 > "William A. Rowe Jr." wrote: > >> I've been running behind too... But expect to have all my platforms >> checke

[Announcement] Apache HTTP Server 2.2.27 Released

2014-03-26 Thread William A. Rowe Jr.
Apache HTTP Server 2.2.27 Released The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.2.27 of the Apache HTTP Server ("Apache"). This version of Apache is principally a security and bug fix maintena

Re: [VOTE] Release httpd 2.2.27 as GA?

2014-03-26 Thread William A. Rowe Jr.
On Mon, 17 Mar 2014 05:40:19 -0500 "William A. Rowe Jr." wrote: > I've been running behind too... But expect to have all my platforms > checked out Monday. Since there are no negative votes we'll keep > this open a bit longer. Apologies for the delay, this has been pushed to the live site. Man

Re: [VOTE] Release httpd 2.2.27 as GA?

2014-03-26 Thread olli hauer
On 2014-03-13 21:55, William A. Rowe Jr. wrote: > > The pre-release candidate Apache httpd 2.2.27 can be found in; > > http://httpd.apache.org/dev/dist/ > > +/-1 > [ ] Release 2.2.27 (apr 1.5.0, apr-util 1.5.3) > > Please take note of APR minor version bump from 1.4.8 to 1.5.0. > >

Re: mod_ssl patch: use new OpenSSL features to autofix cert chains

2014-03-26 Thread Daniel Kahn Gillmor
On 03/26/2014 11:29 AM, Emilia Kasper wrote: > Cross-signing happens all the time but afaik the other way around, i.e., an > intermediate Y' corresponding to a _newer_ root cert Y is cross-signed by > some _older_ root cert Z. So an old client would usually know only Z and a > newer client would kn

Re: Re: Adding AddHandler support for mod_proxy

2014-03-26 Thread ryo takatsuki
Hi, That is the first approach we used (in fact, that was how we also named it, mod_proxy_handler :)). The problem is that we support a lot of different scenarios, sometimes we bundle our own apache, and sometimes we use the native one from the system. In the former case, we are ok with patching A

Re: mod_ssl patch: use new OpenSSL features to autofix cert chains

2014-03-26 Thread Dr Stephen Henson
On 26/03/2014 13:38, Emilia Kasper wrote: > > On Wed, Mar 26, 2014 at 1:11 PM, Dr Stephen Henson > mailto:shen...@opensslfoundation.com>> wrote: > > > If the server is correctly configured to exclude the root then the chain > build > will fail. The root is needed during path verificatio

Re: mod_ssl patch: use new OpenSSL features to autofix cert chains

2014-03-26 Thread Emilia Kasper
Wow, thanks for all the great feedback! On Wed, Mar 26, 2014 at 2:47 PM, Daniel Kahn Gillmor wrote: > On 03/26/2014 07:11 AM, Emilia Kasper wrote: > > The patch fixes a) by sanity-checking the chain and chopping self-signed > > roots. I believe it's harmless to turn on by default as the rebuild s

Re: mod_ssl patch: use new OpenSSL features to autofix cert chains

2014-03-26 Thread Daniel Kahn Gillmor
On 03/26/2014 07:11 AM, Emilia Kasper wrote: > The patch fixes a) by sanity-checking the chain and chopping self-signed > roots. I believe it's harmless to turn on by default as the rebuild step > will either yield a valid chain or preserve the original configuration. I like this suggestion. with

Re: mod_ssl patch: use new OpenSSL features to autofix cert chains

2014-03-26 Thread Emilia Kasper
On Wed, Mar 26, 2014 at 1:11 PM, Dr Stephen Henson < shen...@opensslfoundation.com> wrote: > On 26/03/2014 11:11, Emilia Kasper wrote: > > Hi mod_ssl devs, > > > > I have a small patch for mod_ssl that uses new OpenSSL (>=1.0.2) methods > when > > available to automatically rebuild misconfigured c

Re: mod_ssl patch: use new OpenSSL features to autofix cert chains

2014-03-26 Thread Dr Stephen Henson
On 26/03/2014 11:11, Emilia Kasper wrote: > Hi mod_ssl devs, > > I have a small patch for mod_ssl that uses new OpenSSL (>=1.0.2) methods when > available to automatically rebuild misconfigured certificate chains. > > Github pull request: https://github.com/apache/httpd/pull/7 > > Some of the co

mod_ssl patch: use new OpenSSL features to autofix cert chains

2014-03-26 Thread Emilia Kasper
Hi mod_ssl devs, I have a small patch for mod_ssl that uses new OpenSSL (>=1.0.2) methods when available to automatically rebuild misconfigured certificate chains. Github pull request: https://github.com/apache/httpd/pull/7 Some of the common server chain misconfigurations are a) including the s