-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2010-08-16 13:39:40 UTC
-
mfrom:
(27.1.7 hardy-security)
-
Revision ID:
james.westby@ubuntu.com-20100816133940-erw4dk1w5yx2pl2i
Tags: 2.2.8-1ubuntu0.18
* debian/patches/212_sslinsecurerenegotiation-directive.dpatch: once
openssl gets updated to fix CVE-2009-3555, server renegotiations with
unpatched clients will fail. This patch adds the ability to revert to
the previous unsafe behaviour with a new SSLInsecureRenegotiation
directive. (LP: #616759)
* debian/control: add specific dependency on first openssl version to get
CVE-2009-3555 fix.