Author: sf Date: 2009-11-27 18:26:46 +0000 (Fri, 27 Nov 2009) New Revision: 13393 Modified: data/CVE-2009-3555 Log: nginx tls reneg disabled in unstable Modified: data/CVE-2009-3555 ==================================================================--- data/CVE-2009-3555 2009-11-27 12:10:41 UTC (rev 13392) +++ data/CVE-2009-3555 2009-11-27 18:26:46 UTC (rev 13393) @@ -25,8 +25,8 @@ - proftpd-dfsg -> Disabled SSL/TLS renegotiations in 1.3.2b-2 in unstable - apache2 -> Disabled client-initiated SSL/TLS renegs in 2.2.14-2, only partial fix, also issued as DSA 1934 for stable - tomcat-native -> 1.1.18-1 +- nginx: disabled renegotiation in 0.7.64-1 + patch at http://sysoev.ru/nginx/patch.cve-2009-3555.txt Candidates for modification: -- nginx: disables renegotiation in 0.7.64, bug #557873, - patch at http://sysoev.ru/nginx/patch.cve-2009-3555.txt - libapache-mod-ssl (oldstable only) bug #556942, no patch yet