[SCM] Debian packaging for apache2 branch, master, updated. debian/2.4.4-6-8-g5adeba5
Stefan Fritsch
sf at sfritsch.de
Sun Jul 14 09:15:38 UTC 2013
The following commit has been merged in the master branch:
commit 5adeba53e55c5f5560e833849cc3d0f300692d78
Author: Stefan Fritsch <sf at sfritsch.de>
Date: Sun Jul 14 11:13:31 2013 +0200
Update SSLProtocol comment
Mention TLSv1.[12]. No longer imply that TLSv1 and SSLv3 are secure.
Also remove -SSLv2 which is a no-op.
Also fix other comment's indentation.
diff --git a/debian/config-dir/mods-available/ssl.conf b/debian/config-dir/mods-available/ssl.conf
index ed3b713..244d2a5 100644
--- a/debian/config-dir/mods-available/ssl.conf
+++ b/debian/config-dir/mods-available/ssl.conf
@@ -71,15 +71,17 @@
#SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5
#SSLHonorCipherOrder on
- # enable only secure protocols: SSLv3 and TLSv1, but not SSLv2
- SSLProtocol all -SSLv2
+ # The protocols to enable.
+ # Available values: all, SSLv3, TLSv1, TLSv1.1, TLSv1.2
+ # SSL v2 is no longer supported
+ SSLProtocol all
- # Allow insecure renegotiation with clients which do not yet support the
- # secure renegotiation protocol. Default: Off
+ # Allow insecure renegotiation with clients which do not yet support the
+ # secure renegotiation protocol. Default: Off
#SSLInsecureRenegotiation on
- # Whether to forbid non-SNI clients to access name based virtual hosts.
- # Default: Off
+ # Whether to forbid non-SNI clients to access name based virtual hosts.
+ # Default: Off
#SSLStrictSNIVHostCheck On
</IfModule>
--
Debian packaging for apache2
More information about the Pkg-apache-commits
mailing list