On 09.11.2009 23:28, Rainer Jung wrote:
> I did a first try on backporting the CVE-2009-3555 patch to 2.0:
>
> http://people.apache.org/~rjung/patches/cve-2009-3555_httpd_2_0_x.patch
>
> I hadn't yet time for intensive testing, but first tests looked OK.
> I noticed I couldn't log the SSL_SESSION
I did a first try on backporting the CVE-2009-3555 patch to 2.0:
http://people.apache.org/~rjung/patches/cve-2009-3555_httpd_2_0_x.patch
I hadn't yet time for intensive testing, but first tests looked OK.
I noticed I couldn't log the SSL_SESSION_ID, but maybe that was a
Windows thing. Hadn't yet