This bug was fixed in the package apache2 - 2.2.11-2ubuntu2.7

---------------
apache2 (2.2.11-2ubuntu2.7) jaunty-security; urgency=low

  * debian/patches/909_sslinsecurerenegotiation-directive.dpatch: once
    openssl gets updated to fix CVE-2009-3555, server renegotiations with
    unpatched clients will fail. This patch adds the ability to revert to
    the previous unsafe behaviour with a new SSLInsecureRenegotiation
    directive. (LP: #616759)
  * debian/control: add specific dependency on first openssl version to get
    CVE-2009-3555 fix.
 -- Marc Deslauriers <[email protected]>   Mon, 16 Aug 2010 13:34:47 
-0400

-- 
CVE-2009-3555 tracking bug
https://bugs.launchpad.net/bugs/616759
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to