Comments
jorton
Fixes #1710576 - thanks
Fixes bug 1632660, the httpd upstream test suite passes fully with TLSv1.3 with this update.
LGTM
Working with httpd/mod_ssl.
PHA hack is working here, thanks a lot Paul.
NOTE: DO NOT PUSH THIS TO STABLE.
There is a regression upstream which I will integrate the fix for, plus the Obsoletes for mod_proxy_uwsgi needs to be updated.
Sorry! Yes I mean mod_http2/mod_h2.
CVE-2018-1333 is a mod_md issue and in Fedora we ship mod_md separately from github releases.
CVE-2018-1333 is fixed by http://svn.apache.org/viewvc?view=revision&revision=1828879 (confirmed with security@httpd.apache.org)
This change is mirrored to github here: https://github.com/icing/mod_h2/commit/83a2e3866918ce6567a683eb4c660688d047ee81
That github commit is present in tag for mod_md 1.10.18. We already updated to 1.10.18 in Fedora, so Fedora users have the fix already. https://bodhi.fedoraproject.org/updates/FEDORA-2018-54fed84dcd
It was, but mod_http2-1.10.16 was not pushed to stable for Fedora 26, so bodhi has merged the two updates.
LGTM
Thanks, testers!
Bojan, yeah, I should have noted that - updated the text now.
LGTM
Needs to be tested in conjunction with https://bodhi.fedoraproject.org/updates/FEDORA-2017-7ef5411216
Needs to be tested in conjunction with https://bodhi.fedoraproject.org/updates/FEDORA-2017-8f2df0e3f2
Karma please! :)
This update has been unpushed.