Follow-up to the default SSL/TLS settings shipped on various Linux distros for Apache 2.2.x tests

by adrian 17. May 2011 21:45

After testing how various Linux distros or freeBSD ship Apache’s(version 2.2.x) default configuration of the SSL part(included mod_ssl) [1], as time permitted, I started to open bugs related to the findings.
So far I’ve managed to fill bugs on five distros: openSuse, Fedora, Mandriva, Slackware and FreeBSD; however some distros may relate to each other(like the Suse ones or Red Hat and Fedora).

To be honest, to my surprise, some prompt answers were received from some distros, namely openSuse and Fedora.
Others like Mandriva or Slackware(no bugzilla for this one to my knowledge, so I emailed them) did not (yet) made any comments or so.
The FreeBSD bug is in “feedback” state.
Below is a list with the bugs submitted so far.

openSUSE –> fixed
https://bugzilla.novell.com/show_bug.cgi?id=693479

Fedora –> fixed
https://bugzilla.redhat.com/show_bug.cgi?id=704352

FreeBSD –> “feedback” state 
http://www.freebsd.org/cgi/query-pr.cgi?pr=156987

Mandriva –> ?
https://qa.mandriva.com/show_bug.cgi?id=63286

Slackware –> ?
No bugzilla ? –> sent email to info@slackware.com.

References

[1] On scope: default SSL/TLS settings shipped on various Linux distros for Apache 2.2.x
http://www.carbonwind.net/blog/post/On-scope-default-SSLTLS-settings-shipped-on-various-Linux-distros-for-Apache-22x.aspx

Tags:

SSL

Pingbacks and trackbacks (1)+

Comments are closed

Home | Hire me

Support this blog

Adds

Book Shelf

 

Month List