* Add additional missing commits to TLSv1.3 support. (LP: #1867223)
- debian/patches/tlsv1.3-support-2.patch: fix whitespace and copy/paste
typos in modules/ssl/ssl_engine_kernel.c.
- debian/patches/tlsv1.3-support-3.patch: fail with 403 if
SSL_verify_client_post_handshake fails in
modules/ssl/ssl_engine_kernel.c.
- debian/patches/tlsv1.3-support-4.patch: disable AUTO_RETRY mode for
OpenSSL 1.1.1, which fixes post-handshake authentication in
modules/ssl/ssl_engine_init.c.
- debian/patches/tlsv1.3-support-5.patch: retrieve and set
sslconn->client_cert here for both "modern" and classic access
control in modules/ssl/ssl_engine_kernel.c.
-- Marc Deslauriers <email address hidden> Fri, 13 Mar 2020 08:26:16 -0400
This bug was fixed in the package apache2 - 2.4.29-1ubuntu4.13
--------------- 1ubuntu4. 13) bionic-security; urgency=medium
apache2 (2.4.29-
* Add additional missing commits to TLSv1.3 support. (LP: #1867223) patches/ tlsv1.3- support- 2.patch: fix whitespace and copy/paste ssl/ssl_ engine_ kernel. c. patches/ tlsv1.3- support- 3.patch: fail with 403 if verify_ client_ post_handshake fails in ssl/ssl_ engine_ kernel. c. patches/ tlsv1.3- support- 4.patch: disable AUTO_RETRY mode for ssl/ssl_ engine_ init.c. patches/ tlsv1.3- support- 5.patch: retrieve and set >client_ cert here for both "modern" and classic access ssl/ssl_ engine_ kernel. c.
- debian/
typos in modules/
- debian/
SSL_
modules/
- debian/
OpenSSL 1.1.1, which fixes post-handshake authentication in
modules/
- debian/
sslconn-
control in modules/
-- Marc Deslauriers <email address hidden> Fri, 13 Mar 2020 08:26:16 -0400