Bug#336373: workaround
Peter Samuelson
peter at p12n.org
Sat Jan 7 04:10:38 UTC 2006
[Jim Paris]
> This is definitely the openssl bug. It appears that the fix in
> subversion 1.2.3dfsg1-3 only postponed the problem until libneon24
> upgraded to openssl 0.9.8.
That seems unlikely since libneon24 in unstable uses openssl 0.9.8.
...Errrr, wait, are you saying openssl 0.9.7 has the bug, or 0.9.8?
I will ask people to retest with subversion 1.3.0-1, which uses
libneon25 and (opensel 0.9.8), as soon as our 1.3.0-1 gets through NEW
processing and into experimental.
> I found that a workaround is to limit the ciphers on the Apache end.
> Removing all SSLv3 ciphers except RC4 seems to do the trick. For
> example, my apache2 configuration now has:
>
> SSLCipherSuite SSLv2:-LOW:-EXPORT:RC4+RSA
Thanks for the workaround!
Peter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-subversion-maintainers/attachments/20060106/500d563f/attachment.pgp
More information about the pkg-subversion-maintainers
mailing list