Ubuntu
apache2 package

Impossible to disable TLSv1.1 and TLSv1.2 without disabling TLSv1

Bug #1200136 reported by Kevin Pattison
20
This bug affects 2 people
Affects Status Importance Assigned to Milestone
apache2 (Ubuntu)
Fix Released
Wishlist
Unassigned

Bug Description

There are no configuration options supported by Ubuntu's mod_ssl that allow you to disable TLSv1.1 and 1.2. The SSLProtocol should support "-TLSv1.1" and "-TLSv1.2" but if these are used a config error is shown on Apache server restart.

Revision history for this message
Kevin Pattison (kevpatts) wrote :

This is a serious issue for some 12.04 LTS users and although it is resolved in later releases, shold be resolved in 12.04.

Yolanda Robla (yolanda.robla)
Changed in apache2 (Ubuntu):
importance: Undecided → Wishlist
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in apache2 (Ubuntu):
status: New → Confirmed
Revision history for this message
Robie Basak (racb) wrote :

If this is fixed in the current development release (Trusty), then the correct bug status is Fix Released.

For a fix to 12.04, see https://wiki.ubuntu.com/StableReleaseUpdates for the policy and procedure. If someone can provide a minimal patch and test case, then that would be appreciated. Please add these to this bug, and then ask some in #ubuntu-bugs to add a Precise task to this bug.

Changed in apache2 (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.