The SSLv23 issue has been cloned as #780447.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Thank you for the feedbak Sergio. You are right, disabling the SSLv23_*
calls was a mistake, I'll fix that. Since this is a different issue I'll
clone this report though.
I also agree that the whole patch is no longer necessary. It was
initially required to avoid a warning caused by the removal of
I think the issue originally reported by Peter has been fixed in
tomcat-native/1.1.32~repack-1 currently in testing and unstable. In this
version the SSL_PROTOCOL_SSLV2 constant has been restored in
ssl_private.h, and the SSL_PROTOCOL_ALL constant is aligned with the
org.apache.tomcat.jni.SSL.SSL_P
found 737969 1.1.32~repack-1
thanks
I'd bump up the severity to serious if this weren't a maintainer's /
release manager's prerogative. This bug does force me to maintain my
own fork of the package.
The main problem, I think, is the following hunk:
@@ -121,12 +123,14 @@
/* requested but
On 02/07/2014 02:53 AM, Peter Grandi wrote:
> Package: libtcnative-1
> Version: 1.1.24-1
> Severity: important
>
> Symptoms:
>
> The Tomcat 'SSLProtocol' configuration attribute is documented
> as accepting several values, but on Debian 7/Wheezy (and
> presumably others) only the values "SS
Package: libtcnative-1
Version: 1.1.24-1
Severity: important
Symptoms:
The Tomcat 'SSLProtocol' configuration attribute is documented
as accepting several values, but on Debian 7/Wheezy (and
presumably others) only the values "SSLv3" and "TLSv1" are
accepted; notably the default value of
6 matches
Mail list logo
