+++ This bug was initially created as a clone of Bug #566659 +++ Description: The SSLInsecureRenegotiation directive should be added from upstream, to allow renegotiation with unpatched clients, after the fix for CVE-2009-3555 was implemented in OpenSSL. http://svn.apache.org/viewvc?rev=906039&view=rev See bug #566659 for more details.
Please be so kind and add a few key words to the technical note of this bugzilla entry using the following structure: Cause: Consequence: Fix: Result: For more details on CCFR texts, see: https://bugzilla.redhat.com/page.cgi?id=fields.html#cf_release_notes
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Cause Consequence: Fix: Result:
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-0237.html