enterprise-support team mailing list archive

Thread
Date

[Bug 1346498] [NEW] [SRU] Apache mod_ssl: enable support for ECC keys and ECDH ciphers.

To: enterprise-support@xxxxxxxxxxxxxxxxxxx
From: JorSol <1346498@xxxxxxxxxxxxxxxxxx>
Date: Mon, 21 Jul 2014 19:42:32 -0000
Reply-to: Bug 1346498 <1346498@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

[Impact] 
Apache 2.2.26 add support for ECC keys and ECDH ciphers wich offers security improvements to SSL connections and potentialy limit the vector of attacks agains bugs like Heartbleed and allows the use of forward secrecy.

Since Ubuntu 12.04 is supported until April 2017 this feature should be
backported for those people that can't/want upgrade to Apache 2.4+
(Ubuntu 14.04) in the near term.

[Test Case]
Test a cipher suite using ECDH with no success.
openssl s_client -cipher "ECDHE-RSA-AES128-SHA256" -connect localhost:443

[Regression Potential] 
The regression potential is near to zero, since it just adds more ciphers to Apache.

** Affects: apache2 (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to apache2 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1346498

Title:
  [SRU] Apache mod_ssl: enable support for ECC keys and ECDH ciphers.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1346498/+subscriptions

Follow ups

[Bug 1346498] Re: [SRU] Apache mod_ssl: enable support for ECC keys and ECDH ciphers.
From: JorSol, 2014-09-16
[Bug 1346498] [NEW] [SRU] Apache mod_ssl: enable support for ECC keys and ECDH ciphers.
From: JorSol, 2014-07-21

References

[Bug 1346498] [NEW] [SRU] Apache mod_ssl: enable support for ECC keys and ECDH ciphers.
From: JorSol, 2014-07-21