You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2013/08/13 11:05:48 UTC

[Bug 54324] Support is required to disable TLS compression to prevent against CRIME attacks

https://issues.apache.org/bugzilla/show_bug.cgi?id=54324

Michael Osipov <19...@gmx.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |1983-01-06@gmx.net

--- Comment #8 from Michael Osipov <19...@gmx.net> ---
(In reply to Konstantin Kolinko from comment #7)
> Implemented in Tomcat 6.0 by r1461021 , will be in 6.0.37

Konstantin,

the fix for 6.0.x strays from the convention lowercase name for variables. See
http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/tomcat/util/net/AprEndpoint.java?r1=1461021&r2=1461020&pathrev=1461021

> protected boolean SSLDisableCompression = false;

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org