Bug#336373: workaround
Jim Paris
jim at jtan.com
Sat Jan 7 02:12:02 UTC 2006
Sorry for all the spam..
This is definitely the openssl bug. It appears that the fix in
subversion 1.2.3dfsg1-3 only postponed the problem until libneon24
upgraded to openssl 0.9.8.
I found that a workaround is to limit the ciphers on the Apache end.
Removing all SSLv3 ciphers except RC4 seems to do the trick. For
example, my apache2 configuration now has:
SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
and subversion works again. This is a drastic measure, of course, but
I need my subversion repository to work.
I didn't reopen this bug because it's really a problem with openssl,
but maybe it's worth keeping this around so other people can find it.
-jim
More information about the pkg-subversion-maintainers
mailing list