Commit 1232c0f8 authored by Yann Ylavic's avatar Yann Ylavic
Browse files

Propose: openssl < 1.0.2 are EOL, and SSLv3 is disabled by default on active versions. 

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1777392 13f79535-47bb-0310-9956-ffa450edef68
parent 9a8882df

STATUS

+8 −0
Original line number Diff line number Diff line
@@ -204,6 +204,14 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK: 
     2.2.x patch: http://home.apache.org/~ylavic/patches/httpd-2.2.x-fix_warnings_r1125877.patch

     +1: ylavic, wrowe



  *) mod_ssl: Support compilation against libssl built with OPENSSL_NO_SSL3

     [but without: and change the compiled-in default for SSL[Proxy]Protocol

                   to "all -SSLv3", in accordance with RFC 7568]

     trunk patch: https://svn.apache.org/r1703952

     2.4.x patch: https://svn.apache.org/r1706008

     2.2.x patch: http://home.apache.org/~ylavic/patches/httpd-2.2.x-backport_r1703952.patch

     +1: ylavic



PATCHES/ISSUES THAT ARE STALLED



   * mod_proxy_balancer: Always initialize the shared parameters of a load