[httpd] pull in httpd-filesystem as Requires(pre) (#1128328)

jorton jorton at fedoraproject.org
Fri Aug 29 13:45:55 UTC 2014 

commit 793563ad40c65d89906e61a3f83ded4dcb7996f8
Author: Joe Orton <jorton at redhat.com>
Date:   Fri Aug 29 14:45:59 2014 +0100

    pull in httpd-filesystem as Requires(pre) (#1128328)
    
    - fix cipher selection in default ssl.conf, depend on new OpenSSL (#1134348)
    - require hostname for mod_ssl post script (#1135118)
    Resolves: rhbz#1135118
    Resolves: rhbz#1134348
    Resolves: rhbz#1128328

 httpd.spec |    6 +++++-
 ssl.conf   |    2 +-
 2 files changed, 6 insertions(+), 2 deletions(-)
---
diff --git a/httpd.spec b/httpd.spec
index ed5e365..05ba3d7 100644
--- a/httpd.spec
+++ b/httpd.spec
@@ -148,10 +148,12 @@ Group: System Environment/Daemons
 Summary: SSL/TLS module for the Apache HTTP Server
 Epoch: 1
 BuildRequires: openssl-devel
-Requires(post): openssl, /bin/cat
+Requires(post): openssl, /bin/cat, /bin/hostname
 Requires(pre): httpd-filesystem
 Requires: httpd = 0:%{version}-%{release}, httpd-mmn = %{mmnisa}
 Obsoletes: stronghold-mod_ssl
+# Require an OpenSSL which supports PROFILE=SYSTEM
+Conflicts: openssl < 1:1.0.1h-4
 
 %description -n mod_ssl
 The mod_ssl module provides strong cryptography for the Apache Web
@@ -669,6 +671,8 @@ rm -rf $RPM_BUILD_ROOT
 %changelog
 * Fri Aug 29 2014 Joe Orton <jorton at redhat.com> - 2.4.10-8
 - pull in httpd-filesystem as Requires(pre) (#1128328)
+- fix cipher selection in default ssl.conf, depend on new OpenSSL (#1134348)
+- require hostname for mod_ssl post script (#1135118)
 
 * Fri Aug 22 2014 Jan Kaluza <jkaluza at redhat.com> - 2.4.10-7
 - mod_systemd: updated to the latest version
diff --git a/ssl.conf b/ssl.conf
index c6b1b27..9dba7c9 100644
--- a/ssl.conf
+++ b/ssl.conf
@@ -80,7 +80,7 @@ SSLProtocol all -SSLv2
 # The OpenSSL system profile is configured by default.  See
 # update-crypto-policies(8) for more details.
 #SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
-SSLCipherSuite PROFILE=DEFAULT
+SSLCipherSuite PROFILE=SYSTEM
 
 #   Speed-optimized SSL Cipher configuration:
 #   If speed is your main concern (on busy HTTPS servers e.g.),

More information about the scm-commits mailing list