You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by bh...@apache.org on 2014/11/06 16:08:31 UTC

[2/2] git commit: updated refs/heads/4.4 to a458383

CVE­2014­3566: Avoid using SSLv3 on apache2 that runs on SSVM

Signed-off-by: Rohit Yadav <ro...@shapeblue.com>


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/a458383d
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/a458383d
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/a458383d

Branch: refs/heads/4.4
Commit: a458383d0a27d012ac0acbd8d84198b52d4ae2cc
Parents: e274948
Author: Rohit Yadav <ro...@shapeblue.com>
Authored: Thu Nov 6 20:36:43 2014 +0530
Committer: Rohit Yadav <ro...@shapeblue.com>
Committed: Thu Nov 6 20:36:43 2014 +0530

----------------------------------------------------------------------
 tools/appliance/definitions/systemvm64template/postinstall.sh | 1 +
 tools/appliance/definitions/systemvmtemplate/postinstall.sh   | 1 +
 2 files changed, 2 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/a458383d/tools/appliance/definitions/systemvm64template/postinstall.sh
----------------------------------------------------------------------
diff --git a/tools/appliance/definitions/systemvm64template/postinstall.sh b/tools/appliance/definitions/systemvm64template/postinstall.sh
index ad40303..a4d3cbe 100644
--- a/tools/appliance/definitions/systemvm64template/postinstall.sh
+++ b/tools/appliance/definitions/systemvm64template/postinstall.sh
@@ -215,6 +215,7 @@ configure_apache2() {
    # Backup stock apache configuration since we may modify it in Secondary Storage VM
    cp /etc/apache2/sites-available/default /etc/apache2/sites-available/default.orig
    cp /etc/apache2/sites-available/default-ssl /etc/apache2/sites-available/default-ssl.orig
+   sed -i 's/SSLProtocol all -SSLv2$/SSLProtocol all -SSLv2 -SSLv3/g' /etc/apache2/mods-available/ssl.conf
 }
 
 configure_services() {

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/a458383d/tools/appliance/definitions/systemvmtemplate/postinstall.sh
----------------------------------------------------------------------
diff --git a/tools/appliance/definitions/systemvmtemplate/postinstall.sh b/tools/appliance/definitions/systemvmtemplate/postinstall.sh
index 3212c4f..b59d3aa 100644
--- a/tools/appliance/definitions/systemvmtemplate/postinstall.sh
+++ b/tools/appliance/definitions/systemvmtemplate/postinstall.sh
@@ -205,6 +205,7 @@ configure_apache2() {
    # Backup stock apache configuration since we may modify it in Secondary Storage VM
    cp /etc/apache2/sites-available/default /etc/apache2/sites-available/default.orig
    cp /etc/apache2/sites-available/default-ssl /etc/apache2/sites-available/default-ssl.orig
+   sed -i 's/SSLProtocol all -SSLv2$/SSLProtocol all -SSLv2 -SSLv3/g' /etc/apache2/mods-available/ssl.conf
 }
 
 configure_services() {