[ANNOUNCE] mod_ssl 2.8.12

Because of a found Cross-Side-Scripting (XSS) bug in mod_ssl, the fixed maintainance version mod_ssl 2.8.12 is available for use with Apache 1.3.27. http://www.modssl.org/source/ ftp://ftp.modssl.org/source/ Ralf S. Engelschall

Re: R: SSL reverse proxy using certificates to IIS server

Claudio, I tried that but no change. Keith CAMPETTO CLAUDIO [EMAIL PROTECTED] writes: Try putting this line in the server config: SSLProxyProtocol SSLv3 Hope this helps. Claudio Campetto. __ Apache Interface to

SSL - MS Proxy 2.0 - MSIE6

Dear all, I'm using: Apache 1.3.26 mod_ssl: 2.8.10 openSSL: 0.9.6g At the client site I use MSIE6 and I have a MS proxy 2.0. When I enable SSL the connections/communication is very slow. If I disable it, the site works perfect. Does anybody have an idea? thx Erwin

RE: SSL - MS Proxy 2.0 - MSIE6

What spec do you have on the server and client? -Original Message- From: [EMAIL PROTECTED] [mailto:erwin.vogeleer;deltalloydLife.be] Sent: Mittwoch, 23. Oktober 2002 16:09 To: [EMAIL PROTECTED] Subject: SSL - MS Proxy 2.0 - MSIE6 Dear all, I'm using: Apache 1.3.26 mod_ssl: 2.8.10

RE: SSL - MS Proxy 2.0 - MSIE6

The server is running NT4 and the clients XP and win2000. Boyle Owen

RE: Apache_1.3.27 and ssl

Any suggestion on upgrade? We can run the same procedure or need to remove the old one first? Thanks Yi -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Sent: Tuesday, October 22, 2002 4:40 PMTo: [EMAIL PROTECTED]Subject: Re: Apache_1.3.27 and

RE: Apache_1.3.27 and ssl

We upgraded; we did not remove any prior versions. Troy Garner Information Technology Manager Gulf Winds International, Inc. 713.747.4909 x5753 www.gwii.com Kong, Yi - HPL [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 10/23/2002 09:49 AM Please respond to modssl-users To:

ld.so.1: /apache/bin/httpd: fatal: libssl.so.0.9.6: open failed

Title: Message hello folks, --- Got trouble.. here is the details .. anyone see anything.. ./apachectl startsslSyntax error on line 238 of /apache/conf/httpd.conf:Cannot load /apache/libexec/libssl.so into server: ld.so.1: /apache/bin/httpd: fatal: libssl.so.0.9.6: open failed: No such

Trivial bug: inappropriate use of free()

Hi, Mod_ssl uses free() inappropriately in several places, to free memory which has been previously allocated inside OpenSSL. Such memory should be freed with OPENSSL_free(), not with free(). There is usually no difference, but when allocation debugging is turned on in OpenSSL, or another

Building mod_SSL with SSL_EXPERIMENTAL in Win32!

Hi All, I am building mod_SSL with Apache 1.3.26 on Win32 using nCipher SSL accelerator. But I have some problem. I can use c:\openssl\openssl speed engine chil successfully. But when I want to build mod_SSL with SSL_EXPERIMENTAL option, but I found there is no such option in Win32

[ANNOUNCE] mod_ssl 2.8.12

Because of a found Cross-Side-Scripting (XSS) bug in mod_ssl, the fixed maintainance version mod_ssl 2.8.12 is available for use with Apache 1.3.27. http://www.modssl.org/source/ ftp://ftp.modssl.org/source/ Ralf S. Engelschall

RE: [ANNOUNCE] mod_ssl 2.8.12

Hi list, is there any information available regarding the mentioned potential Cross-Side-Scripting bug? (Any CERT/CC Advisory CA-x, BUGTRAQ-Messages etc...) Thanks in advance kind regards, B. Courtin -Original Message- From: Ralf S. Engelschall [mailto:rse;engelschall.com]

Re: [ANNOUNCE] mod_ssl 2.8.12

On Wed, Oct 23, 2002 at 11:32:53AM +0200, Courtin Bert wrote: is there any information available regarding the mentioned potential Cross-Side-Scripting bug? (Any CERT/CC Advisory CA-x, BUGTRAQ-Messages etc...) Hi, here are the details: Versions of mod_ssl older than 2.8.12 suffer from a