Comments

30 Comments
karma

Working fine here.

This update has been unpushed.

User Icon jorton commented & provided feedback on sscg-3.0.3-2.fc37 a year ago
karma

Works on Fedora 37 with httpd-init.service, confirmed that: a) https://github.com/sgallagher/sscg/pull/62 works as expected to append dhparams to cert file, and b) the earlier fix for not failing if implicit dhparams can't be placed in $CWD also works

Thanks a lot Stephen!

This update has been unpushed.

Fixes #1710576 - thanks

BZ#1710576 /etc/cron.hourly/0yum-hourly.cron crashes - unhashable type: 'dict'
BZ#1694510 httpd-2.4.39 is available

Fixes bug 1632660, the httpd upstream test suite passes fully with TLSv1.3 with this update.

BZ#1632660 TLSv1.3 - enable post-handshake auth
karma

LGTM

BZ#1647241 apachectl broken in fedora 29
karma

Working with httpd/mod_ssl.

PHA hack is working here, thanks a lot Paul.

BZ#1630391 expose SSL_CTX_set_post_handshake_auth

NOTE: DO NOT PUSH THIS TO STABLE.

There is a regression upstream which I will integrate the fix for, plus the Obsoletes for mod_proxy_uwsgi needs to be updated.

Sorry! Yes I mean mod_http2/mod_h2.

CVE-2018-1333 is a mod_md issue and in Fedora we ship mod_md separately from github releases.

CVE-2018-1333 is fixed by http://svn.apache.org/viewvc?view=revision&revision=1828879 (confirmed with security@httpd.apache.org)

This change is mirrored to github here: https://github.com/icing/mod_h2/commit/83a2e3866918ce6567a683eb4c660688d047ee81

That github commit is present in tag for mod_md 1.10.18. We already updated to 1.10.18 in Fedora, so Fedora users have the fix already. https://bodhi.fedoraproject.org/updates/FEDORA-2018-54fed84dcd

It was, but mod_http2-1.10.16 was not pushed to stable for Fedora 26, so bodhi has merged the two updates.

karma

LGTM

Bojan, yeah, I should have noted that - updated the text now.