Hi Jan and Stefan, sorry for the late reply. On Mon, Apr 5, 2010 at 10:54, Stefan Fritsch <[email protected]> wrote: > - 2.2.15-2 still has some bugs in mod_reqtimeout, 2.2.15-3 would be > better (but will take some time until it hits testing).
so do you suggest to backport -3 instead of -2? we don't use mod_reqtimeout so we are not impacted from those bugs (so we didn't spot them). On Wed, Apr 14, 2010 at 07:58, Jan Wagner <[email protected]> wrote: > Hi Sandro, > > On Monday 05 April 2010 10:54:54 Stefan Fritsch wrote: >> - it is also possible to use an older openssl, this would just mean >> that the new 'SSLInsecureRenegotiation' directive would not be >> available (at least I believe that lenny's openssl already has SNI >> support). Maybe it would be better not to force people to update that >> core library. If you want to go with the older openssl, just downgrade >> the build-depends in apache and mention in the changelog that this >> removes SSLInsecureRenegotiation. > > Any news here? Well, in our configuration we need SSLInsecureRenegotiation, so I need a more recent openssl. If it's a problem, I can leave Jan, are you testing the packages I provided? are you facing any issues? Regards, -- Sandro Tosi (aka morph, morpheus, matrixhasu) My website: http://matrixhasu.altervista.org/ Me at Debian: http://wiki.debian.org/SandroTosi -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
