From owner-freebsd-apache@FreeBSD.ORG Thu Dec 10 14:36:25 2009 Return-Path: Delivered-To: apache@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 72425106566C for ; Thu, 10 Dec 2009 14:36:25 +0000 (UTC) (envelope-from kuriyama.bsd@gmail.com) Received: from mail-px0-f190.google.com (mail-px0-f190.google.com [209.85.216.190]) by mx1.freebsd.org (Postfix) with ESMTP id 3DD558FC1A for ; Thu, 10 Dec 2009 14:36:25 +0000 (UTC) Received: by pxi28 with SMTP id 28so2822848pxi.7 for ; Thu, 10 Dec 2009 06:36:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to:cc :content-type; bh=sZoEsrdtiL94SNPK/XTi943zd9tbSEepqtgAi9LfOzU=; b=RGLv4zpwcL8V2Ah3XANltfYn2uZelYGfBixKwvrmNwWkdTPcQkTmbPjpUAb2NEqHEO 8UrkcsNoSCn2wJ7WG6CER4+dPKOUBy2wurk6XLeh2uPcg84euePBEP2wO6PD5mSbga8E YTJZ89HOhYcvh8d+ywg8Ue8mz7i5yjm5Z4Iqk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; b=HkmnxDugPg5MafNnuWRul1B//+2EXPKRSzvo6lBDeRKG7Jk6GgCaju8DJ0vhBgLNYB pR0lDXVIF7pAP3giOBYzCtYEaLecXOEmxwFuHXiDrBZ+Lz4wQN8+/VSvgsanrvuWooP7 Qkn9/fXXYeTSjExD+F9gDMeuHeWXT3k6JjA2c= MIME-Version: 1.0 Sender: kuriyama.bsd@gmail.com Received: by 10.142.247.42 with SMTP id u42mr2282082wfh.259.1260455784682; Thu, 10 Dec 2009 06:36:24 -0800 (PST) In-Reply-To: <4B203CC6.6060105@p6m7g8.com> References: <4AFCB886.9080708@p6m7g8.com> <48acff730912091547s549104fan1dc65da2dc2d56e9@mail.gmail.com> <4B203CC6.6060105@p6m7g8.com> Date: Thu, 10 Dec 2009 23:36:24 +0900 X-Google-Sender-Auth: 8d2ba7a18b3932c0 Message-ID: <48acff730912100636r77a686c3q9ae28c10d10b93b2@mail.gmail.com> From: Jun Kuriyama To: "Philip M. Gollucci" Content-Type: text/plain; charset=ISO-8859-1 Cc: Chris , apache@freebsd.org Subject: Re: apache 2.2.14 missing in ports X-BeenThere: freebsd-apache@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Support of apache-related ports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Dec 2009 14:36:25 -0000 2009/12/10 Philip M. Gollucci : > Jun Kuriyama wrote: > 2.2.14 does not address anything related to the SSL issues. > You'll need openssl updates first. > > Also you are only vulnerable if you do client side renegotiation. Ah, my problem is not related to serious security (I think). Something broken with recent OpenSSL (with combination of apache 2.2.13+). http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2393204 Anyway, I can live with 2.2.14 until actually fixed in OpenSSL or Apache (with -TLSv1). -- Jun Kuriyama // FreeBSD Project // S2 Factory, Inc.