[Pkg-apache-commits] r1272 - in /trunk/apache2: changelog config-dir/mods-available/ssl.conf
sf at alioth.debian.org
sf at alioth.debian.org
Sun Feb 6 14:58:49 UTC 2011
Author: sf
Date: Sun Feb 6 14:58:48 2011
New Revision: 1272
URL: http://svn.debian.org/wsvn/pkg-apache/?sc=1&rev=1272
Log:
Disable md5 in mod_ssl default cipher suite. Closes: #609126
Modified:
trunk/apache2/changelog
trunk/apache2/config-dir/mods-available/ssl.conf
Modified: trunk/apache2/changelog
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/changelog?rev=1272&op=diff
==============================================================================
--- trunk/apache2/changelog (original)
+++ trunk/apache2/changelog Sun Feb 6 14:58:48 2011
@@ -1,6 +1,7 @@
apache2 (2.2.17-1) UNRELEASED; urgency=low
* New upstream version
+ * Disable md5 in mod_ssl default cipher suite. Closes: #609126
* Fix order of comments in "worker" section in apache2.conf. Closes: #608488
-- Stefan Fritsch <sf at debian.org> Sun, 06 Feb 2011 15:23:35 +0100
Modified: trunk/apache2/config-dir/mods-available/ssl.conf
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apache2/config-dir/mods-available/ssl.conf?rev=1272&op=diff
==============================================================================
--- trunk/apache2/config-dir/mods-available/ssl.conf (original)
+++ trunk/apache2/config-dir/mods-available/ssl.conf Sun Feb 6 14:58:48 2011
@@ -52,7 +52,7 @@
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
# enable only secure ciphers:
-SSLCipherSuite HIGH:MEDIUM:!ADH
+SSLCipherSuite HIGH:MEDIUM:!ADH:!MD5
# Use this instead if you want to allow cipher upgrades via SGC facility.
# In this case you also have to use something like
# SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128
More information about the Pkg-apache-commits
mailing list