This bug was fixed in the package apache2 - 2.2.14-5ubuntu8.2
---------------
apache2 (2.2.14-5ubuntu8.2) lucid-security; urgency=low
* debian/patches/211-sslinsecurerenegotiation-directive.dpatch: once
openssl gets updated to fix CVE-2009-3555, server renegotiations with
unpatched clients will fail. This patch adds the ability to revert to
the previous unsafe behaviour with a new SSLInsecureRenegotiation
directive. (LP: #616759)
* debian/control: add specific dependency on first openssl version to get
CVE-2009-3555 fix.
-- Marc Deslauriers <[email protected]> Wed, 18 Aug 2010 16:37:47
-0400
** Changed in: openssl (Ubuntu Lucid)
Status: In Progress => Fix Released
--
CVE-2009-3555 tracking bug
https://bugs.launchpad.net/bugs/616759
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs