Propose: openssl < 1.0.2 are EOL, and SSLv3 is disabled by default on active versions.

author Yann Ylavic <ylavic@apache.org>

Thu, 5 Jan 2017 00:35:09 +0000 (00:35 +0000)

committer Yann Ylavic <ylavic@apache.org>

Thu, 5 Jan 2017 00:35:09 +0000 (00:35 +0000)
author Yann Ylavic <ylavic@apache.org>
Thu, 5 Jan 2017 00:35:09 +0000 (00:35 +0000)
committer Yann Ylavic <ylavic@apache.org>
Thu, 5 Jan 2017 00:35:09 +0000 (00:35 +0000)
diff --git a/STATUS b/STATUS

index ce216b7347268915fc89ac9350b0d57fb086b1cc..c9821f4996c690ac9805aacf6e75afc242672f55 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -204,6 +204,14 @@ PATCHES PROPOSED TO BACKPORT FROM TRUNK:
       2.2.x patch: http://home.apache.org/~ylavic/patches/httpd-2.2.x-fix_warnings_r1125877.patch
       +1: ylavic, wrowe
  
+  *) mod_ssl: Support compilation against libssl built with OPENSSL_NO_SSL3
+     [but without: and change the compiled-in default for SSL[Proxy]Protocol
+                   to "all -SSLv3", in accordance with RFC 7568]
+     trunk patch: https://svn.apache.org/r1703952
+     2.4.x patch: https://svn.apache.org/r1706008
+     2.2.x patch: http://home.apache.org/~ylavic/patches/httpd-2.2.x-backport_r1703952.patch
+     +1: ylavic
+
  PATCHES/ISSUES THAT ARE STALLED
  
     * mod_proxy_balancer: Always initialize the shared parameters of a load
author	Yann Ylavic <ylavic@apache.org>
	Thu, 5 Jan 2017 00:35:09 +0000 (00:35 +0000)
committer	Yann Ylavic <ylavic@apache.org>
	Thu, 5 Jan 2017 00:35:09 +0000 (00:35 +0000)