cvs commit: ports/www/apache2 Makefile ports/www/apache2/files
patch-secfix-CAN-2004-0885
Clement Laforet
clement at FreeBSD.org
Wed Oct 13 02:17:39 PDT 2004
clement 2004-10-13 09:17:38 UTC
FreeBSD ports repository
Modified files:
www/apache2 Makefile
Added files:
www/apache2/files patch-secfix-CAN-2004-0885
Log:
- Yet Another Security Fix
Fix CAN-2004-0885:
* modules/ssl/ssl_engine_kernel.c (ssl_hook_Access): Ensure that a
correct cipher suite has been negotiated, else deny access.
* modules/ssl/ssl_engine_init.c (ssl_init_ctx_protocol): With OpenSSL
0.9.7, prevent session resumption during a renegotiation to force the
client to negotiate a new (and acceptable) cipher suite.
Credits: Hartmut Keil, Joe Orton
Revision Changes Path
1.202 +1 -0 ports/www/apache2/Makefile
1.1 +56 -0 ports/www/apache2/files/patch-secfix-CAN-2004-0885 (new)
More information about the cvs-all
mailing list