-
Committer:
Bazaar Package Importer
-
Author(s):
Marc Deslauriers
-
Date:
2010-08-16 13:34:47 UTC
-
Revision ID:
james.westby@ubuntu.com-20100816133447-o8al7ax8objxk9zc
Tags: 2.2.11-2ubuntu2.7
* debian/patches/909_sslinsecurerenegotiation-directive.dpatch: once
openssl gets updated to fix CVE-2009-3555, server renegotiations with
unpatched clients will fail. This patch adds the ability to revert to
the previous unsafe behaviour with a new SSLInsecureRenegotiation
directive. (LP: #616759)
* debian/control: add specific dependency on first openssl version to get
CVE-2009-3555 fix.