On Thu, Apr 8, 2010 at 9:24 AM, Vorazzo Manuela <[email protected]> wrote:
> *) SECURITY: CVE-2009-3555 (cve.mitre.org) > Is there some workaround to do this without upgrade my apache version??? > > I mean some mod_ssl configuration directives that I can set for bypass the > problem/vulnerability??? No, you'd minimally need a new openssl (that blocks insecure renegotiation by default). -- Eric Covener [email protected] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [email protected] " from the digest: [email protected] For additional commands, e-mail: [email protected]
