Archives
Archives
| From: | "Stefan G. Weichinger" <lists@×××××.at> | ||
|---|---|---|---|
| To: | gentoo-user@l.g.o | ||
| Subject: | Re: [gentoo-user] logjam vulnerability | ||
| Date: | Thu, 21 May 2015 16:17:00 | ||
| Message-Id: | 555E04E9.80601@xunil.at | ||
| In Reply to: | Re: [gentoo-user] logjam vulnerability by Paul Tobias |
||
| 1 | On 21.05.2015 17:09, Paul Tobias wrote: |
| 2 | |
| 3 | >> for apache-2.2.29 (=stable gentoo package) I googled that one has to |
| 4 | >> |
| 5 | >> # cat dhparams.pem >> /my/ssl_cert_file |
| 6 | >> |
| 7 | >> and restart apache |
| 8 | > |
| 9 | > Hmm, where did you read that? |
| 10 | |
| 11 | for example, in here: |
| 12 | |
| 13 | http://serverfault.com/questions/693241/how-to-fix-logjam-vulnerability-in-apache-httpd/693244#693244 |
| 14 | |
| 15 | but also in a german thread somewhere. |
| 16 | |
| 17 | > With apache 2.2 you'll have to patch manually for now, for example |
| 18 | > this patch: http://serverfault.com/a/693448/88476 I don't run any |
| 19 | > apache 2.2 instances so I can't test. |
| 20 | > |
| 21 | > Fortunately it's quite easy to apply custom patches with gentoo: |
| 22 | > https://wiki.gentoo.org/wiki//etc/portage/patches |
| 23 | |
| 24 | sure, no problem. |
| 25 | |
| 26 | Don't you think there will be an updated ebuild in portage soon? |
| 27 | |
| 28 | so far nothing on b.g.o. |
| 29 | |
| 30 | Stefan |