[SAC] [OSGeo] #1480: osgeo.org vulnerable to FREAK SSL/TLS vulnerability

OSGeo trac_osgeo at osgeo.org
Wed Mar 4 10:22:53 PST 2015


#1480: [SAC] osgeo.org vulnerable to FREAK SSL/TLS vulnerability
---------------------------+------------------------------------------------
 Reporter:  dmorissette    |       Owner:  sac@…              
     Type:  task           |      Status:  new                
 Priority:  normal         |   Milestone:                     
Component:  Systems Admin  |    Keywords:                     
---------------------------+------------------------------------------------

Comment(by wildintellect):

 The solution is to modify a few lines in the apache SSL conf to disable
 clients from being able to downgrade the cipher.

 This site will help generate the correct lines to disable bad ciphers.
 Need the apache version and ssl version. This fix is similar to previous
 SSL related fixes over the last year.
 https://mozilla.github.io/server-side-tls/ssl-config-generator/

-- 
Ticket URL: <http://trac.osgeo.org/osgeo/ticket/1480#comment:1>
OSGeo <http://www.osgeo.org/>
OSGeo committee and general foundation issue tracker.


More information about the Sac mailing list