Skip to content
  1. Jul 06, 2017
  2. Jul 05, 2017
  3. Jun 29, 2017
  4. Jun 28, 2017
  5. Jun 23, 2017
  6. Jun 20, 2017
  7. Jun 19, 2017
  8. Jun 15, 2017
  9. Jun 03, 2017
  10. Jun 01, 2017
  11. May 31, 2017
  12. May 30, 2017
  13. May 16, 2017
    • William A. Rowe Jr's avatar
      Remove 3DES by default for users of older crypto librarys; the cipher · 50af83b2
      William A. Rowe Jr authored
      has been reclassified in current OpenSSL releases as WEAK due to 112
      or fewer bits of remaining cipher strength, while the Sweet32 disclosure
      extended the criticism of RC4 on to 3DES. (IDEA, which potentially has the
      same issue, is never enabled by default in OpenSSL, due to patent concerns.)
      
      This commit does not change default httpd behavior, but alters the suggested
      behavior of newly provisioned httpd servers. Where adopted, XP with IE8 will
      no longer handshake with mod_ssl (previously, XP with IE6 would not handshake.)
      The same net effect occurs where OpenSSL is updated to 1.1.0.
      
      
      git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1795360 13f79535-47bb-0310-9956-ffa450edef68
      50af83b2
  14. May 06, 2017
  15. Feb 17, 2017
  16. Feb 07, 2017
  17. Jan 21, 2017
  18. Jan 19, 2017
  19. Jan 15, 2017
  20. Jan 14, 2017