Hi, Some of you have heard of CRIME, probably. from https://bugzilla.redhat.com/show_bug.cgi?id=857051 > Adding the following line to the /etc/sysconfig/httpd file: > > export OPENSSL_NO_DEFAULT_ZLIB=1 But there are other services but http that use ssl and are vulnerable? What is the optimal place for setting this environment variable system wide? I tried to set it in /etc/profile.d/CRIME.sh /etc/bashrc without success. -- Kind Regards, Markus Falb _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
SSL CRIME
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: centos@xxxxxxxxxx
- Subject: SSL CRIME
- From: Markus Falb <markus.falb@xxxxxxxx>
- Date: Mon, 24 Sep 2012 13:07:26 +0200
- Delivered-to: centos@xxxxxxxxxx
- User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:15.0) Gecko/20120907 Thunderbird/15.0.1
- Follow-Ups:
- Re: SSL CRIME
- From: Johnny Hughes
- Re: SSL CRIME
- From: Albert McCann
- Re: SSL CRIME
- From: Leon Fauster
- Re: SSL CRIME
- Prev by Date: Atheros Communications Inc. AR8161 Gigabit Ethernet
- Next by Date: Re: Atheros Communications Inc. AR8161 Gigabit Ethernet
- Previous by thread: Atheros Communications Inc. AR8161 Gigabit Ethernet
- Next by thread: Re: SSL CRIME
- Index(es):
 |