[Bug 1073603] [NEW] disable ssl compression to mitigate the BEAST attack
seph
1073603 at bugs.launchpad.net
Wed Oct 31 15:22:11 UTC 2012
*** This bug is a security vulnerability ***
Public security bug reported:
Apache 2.2 is vulnerable to the CRIME attack. While modern browsers are
not vulnerable to this. older browsers are. And various compliance scans
will check for it.
Apache's bug report --
https://issues.apache.org/bugzilla/show_bug.cgi?id=53219
** Affects: apache2 (Ubuntu)
Importance: Undecided
Status: New
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/1073603
Title:
disable ssl compression to mitigate the BEAST attack
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1073603/+subscriptions
More information about the Ubuntu-server-bugs
mailing list