[Bug 1400473] Re: Apache 2.2 on Ubuntu 12.04 LTS doesn't allow disabling TLS1.0
Launchpad Bug Tracker
1400473 at bugs.launchpad.net
Tue Jun 2 12:30:48 UTC 2015
This bug was fixed in the package apache2 - 2.2.22-1ubuntu1.9
---------------
apache2 (2.2.22-1ubuntu1.9) precise-security; urgency=medium
* SECURITY IMPROVEMENT: add support for ECC keys and ECDH ciphers
(LP: #1197884)
- debian/patches/ecc_support.patch: add support to
modules/ssl/mod_ssl.c, modules/ssl/ssl_engine_init.c,
modules/ssl/ssl_engine_kernel.c, modules/ssl/ssl_private.h,
modules/ssl/ssl_toolkit_compat.h, modules/ssl/ssl_util.c,
* SECURITY IMPROVEMENT: add TLSv1.x options to SSLProtocol (LP: #1400473)
- debian/patches/tls_options.patch: allow specifying later TLSv1.x
options in modules/ssl/mod_ssl.c, modules/ssl/ssl_engine_config.c,
modules/ssl/ssl_engine_init.c, modules/ssl/ssl_engine_kernel.c,
modules/ssl/ssl_private.h.
* SECURITY IMPROVEMENT: improve ephemeral key handling, including
allowing DH parameters to be loaded from SSLCertificateFile and
disabling EXPORT ciphers.
- debian/patches/ephemeral_key_handling.patch: numerous improvements to
modules/ssl/mod_ssl.c, modules/ssl/ssl_engine_config.c,
modules/ssl/ssl_engine_dh.c, modules/ssl/ssl_engine_init.c,
modules/ssl/ssl_engine_kernel.c, modules/ssl/ssl_private.h,
modules/ssl/ssl_util_ssl.c, modules/ssl/ssl_util_ssl.h.
-- Marc Deslauriers <marc.deslauriers at ubuntu.com> Thu, 28 May 2015
12:26:50 -0400
** Changed in: apache2 (Ubuntu Precise)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/1400473
Title:
Apache 2.2 on Ubuntu 12.04 LTS doesn't allow disabling TLS1.0
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1400473/+subscriptions
More information about the Ubuntu-server-bugs
mailing list