Bug#674142: marked as done (make it possible to disable ssl compression in apache2 mod_ssl)
Your message dated Tue, 30 Oct 2012 23:47:45 +0000
with message-id <E1TTLX7-0000Qn-8N@franck.debian.org>
and subject line Bug#674142: fixed in apache2 2.2.22-12
has caused the Debian Bug report #674142,
regarding make it possible to disable ssl compression in apache2 mod_ssl
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
674142: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674142
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: make it possible to disable ssl compression in apache2 mod_ssl
- From: Bjoern Jacke <debianbugs@j3e.de>
- Date: Wed, 23 May 2012 12:17:38 +0200
- Message-id: <20120523101738.GA25781@SerNet.DE>
Package: apache2
Version: 2.2.16
Owner: debian-apache@lists.debian.org
Some browsers like Chrome/Chromium but also cmdline clients using openssl like
wget support ssl compression. This is a big problem for ssl enabled servers
when they offer big files. Pulling for example a (already compressed) 100MB
file via such a browser using https the ssl compression eats up CPU time
significantly. The overall performance of the server will also go down.
Multiple clients make it even worse. It should be possible to disable ssl
compression in mod_ssl to solve this issue.
Please consider to add the patch from
https://issues.apache.org/bugzilla/show_bug.cgi?id=53219 to the Debian package.
It adds the parameter SSLCompression On/Off which allows to disable the ssl
compression. Maybe it is possible to get this even in Squeeze as it doesn't
change any default setting?
--- End Message ---
--- Begin Message ---
Source: apache2
Source-Version: 2.2.22-12
We believe that the bug you reported is fixed in the latest version of
apache2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 674142@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Arno Töll <arno@debian.org> (supplier of updated apache2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 31 Oct 2012 00:23:59 +0100
Source: apache2
Binary: apache2.2-common apache2.2-bin apache2-mpm-worker apache2-mpm-prefork apache2-mpm-event apache2-mpm-itk apache2-utils apache2-suexec apache2-suexec-custom apache2 apache2-doc apache2-prefork-dev apache2-threaded-dev apache2-dbg
Architecture: source amd64 all
Version: 2.2.22-12
Distribution: unstable
Urgency: low
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Arno Töll <arno@debian.org>
Description:
apache2 - Apache HTTP Server metapackage
apache2-dbg - Apache debugging symbols
apache2-doc - Apache HTTP Server documentation
apache2-mpm-event - Apache HTTP Server - event driven model
apache2-mpm-itk - multiuser MPM for Apache 2.2
apache2-mpm-prefork - Apache HTTP Server - traditional non-threaded model
apache2-mpm-worker - Apache HTTP Server - high speed threaded model
apache2-prefork-dev - Apache development headers - non-threaded MPM
apache2-suexec - Standard suexec program for Apache 2 mod_suexec
apache2-suexec-custom - Configurable suexec program for Apache 2 mod_suexec
apache2-threaded-dev - Apache development headers - threaded MPM
apache2-utils - utility programs for webservers
apache2.2-bin - Apache HTTP Server common binary files
apache2.2-common - Apache HTTP Server common files
Closes: 674142 689936
Changes:
apache2 (2.2.22-12) unstable; urgency=low
.
* Backport mod_ssl "SSLCompression on|off" flag from upstream. The default is
"off". This mitigates impact of CRIME attacks. Fixes:
- "handling the CRIME attack" (Closes: #689936)
- "make it possible to disable ssl compression in apache2 mod_ssl"
(Closes: #674142)
Checksums-Sha1:
6d0cf1e0e358a5721454e2e8422f18cc760caab3 2885 apache2_2.2.22-12.dsc
9fb2e4aabec9534900e2a532f20cbd8695c83f41 196863 apache2_2.2.22-12.debian.tar.gz
6453f01b1be9119ae4510fda41c654c8a2a9a167 290370 apache2.2-common_2.2.22-12_amd64.deb
778a67b1eeb7fe5628207027b03c54cf9b5718a5 780540 apache2.2-bin_2.2.22-12_amd64.deb
02ef6214f265743830dbe7e41fa8ac44826c98e8 2250 apache2-mpm-worker_2.2.22-12_amd64.deb
e42d824027cea5c95f0aa8230f87b8cb2bb8f80b 2362 apache2-mpm-prefork_2.2.22-12_amd64.deb
b239f70a0f6ea7379c7485f6be204de8166a5bfe 2316 apache2-mpm-event_2.2.22-12_amd64.deb
5a002ea84b373acaa17c5728bae807422e2b1228 2342 apache2-mpm-itk_2.2.22-12_amd64.deb
541d720a59894a71be12fe0377a0221535e75c40 161586 apache2-utils_2.2.22-12_amd64.deb
e5d16c19f7697ad4e788f27e9aeefc13814202cf 105390 apache2-suexec_2.2.22-12_amd64.deb
62033a8ba9a6c7573b772e8b578328f1083b8702 106874 apache2-suexec-custom_2.2.22-12_amd64.deb
78463097f42aa7d5a6585ddb7f5e56e48fab2b13 1436 apache2_2.2.22-12_amd64.deb
65b162fdd9aa99dcb83639aee3cdbdbcbb293013 1770476 apache2-doc_2.2.22-12_all.deb
cf5632f3e20b3625990cdb1ebcfc53cf67bca94e 114182 apache2-prefork-dev_2.2.22-12_amd64.deb
74fe45f3b4537f936f72129fb97d5db3e9b3e899 115020 apache2-threaded-dev_2.2.22-12_amd64.deb
56e66c52ae09be01e1e5942a3630e759f0beb646 1727278 apache2-dbg_2.2.22-12_amd64.deb
Checksums-Sha256:
eafa3378fb34f329cb19f41892b7077e75ed48907595ea098efb65ea17291987 2885 apache2_2.2.22-12.dsc
3ae9569a5e06a434705838f2639effa25856d72470b4a1b7a179f5c12b055957 196863 apache2_2.2.22-12.debian.tar.gz
9c5dd2a4240913ca226d3e02438ee3eb0a9bc00f472d12de73ae486feef4e37d 290370 apache2.2-common_2.2.22-12_amd64.deb
857d28a0e0f0c7928ea13e6e351bbe11af5bb2003451ab2327da535dfedc22aa 780540 apache2.2-bin_2.2.22-12_amd64.deb
e0ff2f2cf8a1c2d7b99889968e0afe70ec1fac5cceef242442df798135a5ab41 2250 apache2-mpm-worker_2.2.22-12_amd64.deb
be2f32cd5ad34aa5d02145f5ba35bdb9c0527528333a72738f497d3552d5f451 2362 apache2-mpm-prefork_2.2.22-12_amd64.deb
f813935b75ae5cd7c708f8a224a8e100c1e0564e4eb6d350ac003330f41da73e 2316 apache2-mpm-event_2.2.22-12_amd64.deb
57c80e64d7c0c96e51abbdbf66ee801c58d28054c46213238f84994bd8851d84 2342 apache2-mpm-itk_2.2.22-12_amd64.deb
9736646d878b0161d17fd2d5b43e8ec5a23a20197b9a164b5bb6d976e2697aa2 161586 apache2-utils_2.2.22-12_amd64.deb
ac75d277717783df4007c700170c4093431569e83e9092a16b62ec4370aaaa79 105390 apache2-suexec_2.2.22-12_amd64.deb
4d68b6dcd737cf25c0d5a92115e23b1b68996c6c6db3afd2f05e94e3e0c7e241 106874 apache2-suexec-custom_2.2.22-12_amd64.deb
c2f41db13ef76966b3f8d41ee957ff88b0a2527789be2d7c1ab826ff4c1004ef 1436 apache2_2.2.22-12_amd64.deb
4da79bf236f01662959407587f8419a0c0bfb3a59b8309dc0ba426e30f09cd2f 1770476 apache2-doc_2.2.22-12_all.deb
5baa7750aa8577d82bc721ffd8d401698469515387206ad87040dd5d9b4cf8f4 114182 apache2-prefork-dev_2.2.22-12_amd64.deb
9c55d0bd5a62c4f8f6cb532c4c60dda05b82cc67baa716c513bff65375b9a53f 115020 apache2-threaded-dev_2.2.22-12_amd64.deb
1dc6ac5eab5ae5f5c8ea616ae590ada0bd66100e844e858cc65d278b7add0948 1727278 apache2-dbg_2.2.22-12_amd64.deb
Files:
42ac643ee968bf4a3032fcc818c5e434 2885 httpd optional apache2_2.2.22-12.dsc
a874f9022b84d8a8598906a2c6e92587 196863 httpd optional apache2_2.2.22-12.debian.tar.gz
e27e7bd03801421768e9feb734e40747 290370 httpd optional apache2.2-common_2.2.22-12_amd64.deb
8b4ab0ceeba5ac4ebbbfe0f3f1f53b09 780540 httpd optional apache2.2-bin_2.2.22-12_amd64.deb
b3481312fb98b183caa0cd2f8f969186 2250 httpd optional apache2-mpm-worker_2.2.22-12_amd64.deb
a73bd7ea18cfc2cd7c7650a3427572bf 2362 httpd optional apache2-mpm-prefork_2.2.22-12_amd64.deb
6c56e3f4570d6ebc64f565fdf9692e4c 2316 httpd optional apache2-mpm-event_2.2.22-12_amd64.deb
9594cb266fa79c0a80bcde274768a4a5 2342 httpd extra apache2-mpm-itk_2.2.22-12_amd64.deb
1923051f78643a104be2a3eaa317d926 161586 httpd optional apache2-utils_2.2.22-12_amd64.deb
19de10a8523868adaab7010c971c375e 105390 httpd optional apache2-suexec_2.2.22-12_amd64.deb
5f6da6484695dcb3eeb6645459f4dbe2 106874 httpd extra apache2-suexec-custom_2.2.22-12_amd64.deb
c92cba7e28dad1f03b04053772252760 1436 httpd optional apache2_2.2.22-12_amd64.deb
e81a4f468a5931d49f56ac254e41ef69 1770476 doc optional apache2-doc_2.2.22-12_all.deb
379b7aae2516213fc9c0ed734a193d5e 114182 httpd extra apache2-prefork-dev_2.2.22-12_amd64.deb
e9950b38f2421190436b51aa7e7323aa 115020 httpd extra apache2-threaded-dev_2.2.22-12_amd64.deb
da2216516b4e8ff61e43e0c64d928fb7 1727278 debug extra apache2-dbg_2.2.22-12_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBAgAGBQJQkGTfAAoJEMcrUe6dgPNt9JMP/AlGuRTEXOBx8BzcZO6/nvD8
AP3WOUGJMyrBbix3iU2qKSkBweE6U20I1FiykVUVPXG+2u1rIbv5dQqNf0Ba/nis
Hn0vS18WscjXg9I2EhBl/SL00F1i6JueOA9KM6Q+bJo+cnSjDfvLXYAcijnw7dOt
sZVt+YjbMhUOMqW2CB3Ar4HkzA2QuAutqOWvQi7YkAPT2HAXG0mhHQXOzAmfObHq
PuMtbhVrC/bu4SZSI7JYye2F7v/nXlEiI2NLv/PCWTrZkJWtvRVi5w8A6CbntTSw
NCgRZsiFpH/HXsqAgUPUpbitv/etDr2xIuwOD95C3THY3s/Uj+Fx46ndtQOAYUoS
RwaUgwkA8TTzfTenOM2lijQr8okbUIHAnlML9oXEh/bezHJpHt1At5RJj2sXFyHU
ryM/OQijrirqIcUGe9lmIefvhcxmoVnsiuegTlI+zs1DurO/VN+UtiVrb/rxqOMV
0lA8E1McBdpb45OrqgG4sCLdEaMiPyI7P4ZQ2yGMIy/P8uxujZMf9zQR8HyDExvY
qKq0HpWH/lrK3YSR1vpuBcBfbQ7whoU9j57/ElkBIR43N+rhe0d8+9Dob2qJWhZb
NwYwLxBECPoFDpbiIEN++/vyhMz7+ZmrzqxXbhIi7oIAUrfukaA0Pt+Tedf5Iw6U
CjNcuU8875JdVL5oTSoj
=4CjL
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: