From: | "Stefan G. Weichinger" <lists@×××××.at> | ||
---|---|---|---|
To: | gentoo-user@l.g.o | ||
Subject: | Re: [gentoo-user] logjam vulnerability | ||
Date: | Thu, 21 May 2015 16:17:00 | ||
Message-Id: | 555E04E9.80601@xunil.at | ||
In Reply to: | Re: [gentoo-user] logjam vulnerability by Paul Tobias |
1 | On 21.05.2015 17:09, Paul Tobias wrote: |
2 | |
3 | >> for apache-2.2.29 (=stable gentoo package) I googled that one has to |
4 | >> |
5 | >> # cat dhparams.pem >> /my/ssl_cert_file |
6 | >> |
7 | >> and restart apache |
8 | > |
9 | > Hmm, where did you read that? |
10 | |
11 | for example, in here: |
12 | |
13 | http://serverfault.com/questions/693241/how-to-fix-logjam-vulnerability-in-apache-httpd/693244#693244 |
14 | |
15 | but also in a german thread somewhere. |
16 | |
17 | > With apache 2.2 you'll have to patch manually for now, for example |
18 | > this patch: http://serverfault.com/a/693448/88476 I don't run any |
19 | > apache 2.2 instances so I can't test. |
20 | > |
21 | > Fortunately it's quite easy to apply custom patches with gentoo: |
22 | > https://wiki.gentoo.org/wiki//etc/portage/patches |
23 | |
24 | sure, no problem. |
25 | |
26 | Don't you think there will be an updated ebuild in portage soon? |
27 | |
28 | so far nothing on b.g.o. |
29 | |
30 | Stefan |