Working fine here.
This update has been unpushed.
Works on Fedora 37 with httpd-init.service, confirmed that: a) https://github.com/sgallagher/sscg/pull/62 works as expected to append dhparams to cert file, and b) the earlier fix for not failing if implicit dhparams can't be placed in $CWD also works
Thanks a lot Stephen!
This update has been unpushed.
Fixes #1710576 - thanks
Fixes bug 1632660, the httpd upstream test suite passes fully with TLSv1.3 with this update.
LGTM
Working with httpd/mod_ssl.
PHA hack is working here, thanks a lot Paul.
NOTE: DO NOT PUSH THIS TO STABLE.
There is a regression upstream which I will integrate the fix for, plus the Obsoletes for mod_proxy_uwsgi needs to be updated.
Sorry! Yes I mean mod_http2/mod_h2.
CVE-2018-1333 is a mod_md issue and in Fedora we ship mod_md separately from github releases.
CVE-2018-1333 is fixed by http://svn.apache.org/viewvc?view=revision&revision=1828879 (confirmed with security@httpd.apache.org)
This change is mirrored to github here: https://github.com/icing/mod_h2/commit/83a2e3866918ce6567a683eb4c660688d047ee81
That github commit is present in tag for mod_md 1.10.18. We already updated to 1.10.18 in Fedora, so Fedora users have the fix already. https://bodhi.fedoraproject.org/updates/FEDORA-2018-54fed84dcd
It was, but mod_http2-1.10.16 was not pushed to stable for Fedora 26, so bodhi has merged the two updates.
LGTM
Thanks, testers!
Bojan, yeah, I should have noted that - updated the text now.
LGTM, thx