[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#733564: pu: apache2 with ECDHE support

Am Montag, 14. April 2014, 21:18:46 schrieb Philipp Kern:
> So I'd say that we should go and add ECDHE support to Apache as
> suggested and also patch OpenSSL for the OS X bug as the
> fingerprinting landed upstream and we would merely replicate
> current upstream behavior.

OK, sounds good.

Kurt, if the openssl patch is like [1], it would require that apache2 
is built against the updated version of openssl, due to the changed 
value of SSL_OP_ALL. Can you please ping me when you have uploaded the 
new package? Also, you should probably mention in the changelog that 
only recompiled applications get to use the workaround.


[1] http://openssl.6102.n7.nabble.com/openssl-org-3068-PATCH-Safari-broken-ECDHE-ECDSA-workaround-td45432.html

Reply to: