Page 1 of 1

Logjam

Posted: Tue Jul 21, 2015 8:39 pm
by blkn
Hi folks,

Is there a way to mitigate Logjam vulnerability in Raspbian? AFAIK apache 2.2.x does not support SSLOpenSSLConfCmd which is needed to prevent it.

Thanks in advance!

Re: Logjam

Posted: Tue Jul 21, 2015 9:14 pm
by DougieLawson
It appears to be impossible to completely fix it in Raspbian Wheezy. The fix needs Apache2.4 which is in Raspbian Jessie.

Re: Logjam

Posted: Wed Jul 22, 2015 5:42 pm
by blkn
So can't we run apache/tls on Raspbian?

Re: Logjam

Posted: Wed Jul 22, 2015 5:58 pm
by Tom_A
DougieLawson wrote:It appears to be impossible to completely fix it in Raspbian Wheezy. The fix needs Apache2.4 which is in Raspbian Jessie.
Just curious, how is Nginx on Wheezy? Would that require Jessie as well to fix?

Re: Logjam

Posted: Wed Jul 22, 2015 10:01 pm
by r3d4
blkn wrote:So can't we run apache/tls on Raspbian?
You could try and build it!
But idk how far that might get you to a 'working' Apache2.4 .
Tom_A wrote:
DougieLawson wrote:It appears to be impossible to completely fix it in Raspbian Wheezy. The fix needs Apache2.4 which is in Raspbian Jessie.
Just curious, how is Nginx on Wheezy? Would that require Jessie as well to fix?
Presumably you could (at least try to) build the latest nginx on Wheezy ,...