[Bug 1197884] Re: apache2.2 SSL has no forward-secrecy: need ECDHE keys
Robie Basak
1197884 at bugs.launchpad.net
Wed Sep 17 16:12:43 UTC 2014
Thank you for linking the Debian bug.
> This bug is for Apache 2.2 not for Apache 2.4 so don't mark as fix
released when thats not the case...
The status is defined to reflect the status in the development release,
where it is fixed. I'll add a Precise task for you though, to track
status for 12.04 specifically.
> This has been fixed already in Debian 7.6 and there is a debdiff for
it so there should not be a considerable amount of work to apply it
right now.
Agreed. That Debian has chosen to do this suggests that it may be a good
idea for Ubuntu also, and that there is a way to minimise regression.
> ...as the regression potential is near to zero
Message https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733564#37
suggests that this is not true, and that we need to also patch openssl
to avoid regressing Mac clients. Please can you expand on this?
If someone can post a debdiff and post an accurate regression potential
analysis, then I think it's fine to ask the SRU team to consider this
case.
I would still want someone to drive this please; both in preparing the
patches for Ubuntu, and also in thoroughly testing for regressions
during the SRU process.
I would note though that 14.04 is out now, so an LTS path is also
already available to users.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/1197884
Title:
apache2.2 SSL has no forward-secrecy: need ECDHE keys
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1197884/+subscriptions
More information about the Ubuntu-server-bugs
mailing list