Comment 3 for bug 1077434

Robie Basak (racb) wrote :

Sorry, based on your original description I was under the impression that you had upgraded from 8.04 to 10.04, rather than having just applied an update within the same release.

There was a recent SSL-related security update:

  * SECURITY UPDATE: CRIME attack ssl attack (LP: #1068854)
    - debian/patches/303_CVE-2012-4929.dpatch: backport SSLCompression
      on|off directive. Defaults to off as enabling compression enables the
      CRIME attack.
    - CVE-2012-4929

I wonder if this is related.