[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [opensuse-security] Re: openSUSE 13.1 and weakdh.org



Hi,

I have read it. The patch is just hard to backport sadly.

Ciao, Marcus
On Tue, Nov 24, 2015 at 02:43:36PM +0100, Tobias Hennerich wrote:
> Hi,
> 
> after one week no response to my mail at all :-(
> 
> Is the answer too obvious or is the topic too exotic? Or is
> opensuse-security just the wrong mailing list?
> 
> Kind regards    Tobias
> 
> -- 
> T+T Hennerich GmbH     /      Zettachring 12a      /     70567 Stuttgart
> Fon:+49(711)720714-0   Fax:+49(711)720714-44    Vanity:+49(700)HENNERICH
> Geschäftsführer: Dipl. Inf. Tobias Hennerich + Dipl. Inf. Timo Hennerich
> http://www.hennerich.de/               Amtsgericht Stuttgart, HRB 281482
> 
> Am 17.11.2015 um 17:32 schrieb Tobias Hennerich:
> >Hi,
> >
> >we have several webservers using apache and openSUSE 13.1.
> >
> >https://www.ssllabs.com/ssltest/ rates these systems with an
> >overall rating "B", because "/This server supports weak
> >Diffie-Hellman (DH) key exchange parameters./".
> >
> >The recommendations on https://weakdh.org/sysadmin.html can not be
> >used because the apache directive SSLOpenSSLConfCmd needs apache
> >2.4.8 and openSUSE 13.1 is using 2.4.6. The other suggestion to
> >append the DHparams to the end of the certificate file does also
> >not work, because you need apache 2.4.7 for that.
> >
> >I found ticket https://bugzilla.suse.com/show_bug.cgi?id=931723
> >from May 2015 in Status "NEW". There is a comment from "/Swamp
> >Workflow Management ////2015-10-06 07:09:35 UTC/", that there
> >should be a fix for openSUSE 13.1 with apache2-2.4.6-6.50.1, but a
> >"rpm -q --changelog apache2" does not mention this problem and the
> >various patches of the src-rpm do not match, too.
> >
> >Any suggestions?
> >
> >Best regards       Tobias
> >
> 
> -- 
> To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
> To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx
> 

-- 
Marcus Meissner,SUSE LINUX GmbH; Maxfeldstrasse 5; D-90409 Nuernberg; Zi. 3.1-33,+49-911-740 53-432,,serv=loki,mail=wotan,type=real <meissner@xxxxxxx>
-- 
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx