You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rj...@apache.org on 2010/03/15 17:01:35 UTC
svn commit: r923313 - /httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
Author: rjung
Date: Mon Mar 15 16:01:35 2010
New Revision: 923313
URL: http://svn.apache.org/viewvc?rev=923313&view=rev
Log:
Correct referenced OpenSSL version.
Modified:
httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
Modified: httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml?rev=923313&r1=923312&r2=923313&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml Mon Mar 15 16:01:35 2010
@@ -1821,8 +1821,8 @@ during a renegotiation. This vulnerabil
server. A protocol extension was developed which fixed this
vulnerability if supported by both client and server.</p>
-<p>If <module>mod_ssl</module> is linked against OpenSSL version 1.0.0
-Beta 5 or later, by default renegotiation is only supported with
+<p>If <module>mod_ssl</module> is linked against OpenSSL version 0.9.8m
+or later, by default renegotiation is only supported with
clients supporting the new protocol extension. If this directive is
enabled, renegotiation will be allowed with old (unpatched) clients,
albeit insecurely.</p>