Re: Backport apache2 version >= 2.2.12 ?
Hi Sandro,
On Friday 26 March 2010, Sandro Tosi wrote:
> I've prepared some packages for backport, and copied on [1] (it's
> also apt-get-able); I tested them and they work, at least SNI is
> fully functional (that's my purpose)
>
> [1] http://people.debian.org/~morph/bpo/
>
> The chain of dependencies are:
>
> apache2
> +- openssl
> +- apr-util
> +- apr
> +- libtool
>
> libtool was already in bpo, but was not compiled for amd64, so I've
> just rebuilt it; the others are backports from the current versions
> in testing.
I have not tested the packages but have some comments:
- 2.2.15-2 still has some bugs in mod_reqtimeout, 2.2.15-3 would be
better (but will take some time until it hits testing).
- it is also possible to use an older openssl, this would just mean
that the new 'SSLInsecureRenegotiation' directive would not be
available (at least I believe that lenny's openssl already has SNI
support). Maybe it would be better not to force people to update that
core library. If you want to go with the older openssl, just downgrade
the build-depends in apache and mention in the changelog that this
removes SSLInsecureRenegotiation.
Apart from that, I don't see any problems.
Cheers,
Stefan
Reply to: