Overview

File _patchinfo of Package patchinfo.246

<patchinfo>
  <category>security</category>
  <rating>low</rating>
  <packager>draht</packager>
  <summary>backport of SSLCompression directive, SSLCipherSuite update in template</summary>
  <description>
  This low-profile update introduces a backport of the SSLCompression directive
  (added to /etc/apache2/ssl-global.conf) that helps mitigating the CRIME attack
  if set to off (default). Also added to /etc/apache2/ssl-global.conf: "SSLHonorCipherOrder on".
  /etc/apache2/vhosts.d/vhost-ssl.template now contains a new SSLCipherSuite string. Even though GCM
  mode of AES is not supported in openssl-1.0.0l, the string works well and may be useful elsewhere, too.
  </description>
</patchinfo>
openSUSE Build Service is sponsored by
Places