[Bug 616759] Re: CVE-2009-3555 tracking bug
Launchpad Bug Tracker
616759 at bugs.launchpad.net
Tue Sep 21 15:32:11 BST 2010
This bug was fixed in the package apache2 - 2.2.12-1ubuntu2.3
---------------
apache2 (2.2.12-1ubuntu2.3) karmic-security; urgency=low
* debian/patches/905_sslinsecurerenegotiation-directive.dpatch: once
openssl gets updated to fix CVE-2009-3555, server renegotiations with
unpatched clients will fail. This patch adds the ability to revert to
the previous unsafe behaviour with a new SSLInsecureRenegotiation
directive. (LP: #616759)
* debian/control: add specific dependency on first openssl version to get
CVE-2009-3555 fix.
-- Marc Deslauriers <marc.deslauriers at ubuntu.com> Mon, 16 Aug 2010 13:26:28 -0400
** Changed in: openssl (Ubuntu Karmic)
Status: In Progress => Fix Released
--
CVE-2009-3555 tracking bug
https://bugs.launchpad.net/bugs/616759
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in ubuntu.
More information about the Ubuntu-server-bugs
mailing list