Bug#913251: SSL: renegotiation initiated by client, killing connection
Package: lighttpd
Version: 1.4.49-1.1+b1
Severity: important
Dear Maintainer,
TLS appears to be unusable.. probably fixed in 1.4.51
Gr,
Olaf
https://redmine.lighttpd.net/issues/2912
2018-11-08 19:00:46: (mod_openssl.c.1419) SSL: renegotiation initiated by client, killing connection
2018-11-08 19:00:46: (mod_openssl.c.1419) SSL: renegotiation initiated by client, killing connection
2018-11-08 19:00:54: (mod_openssl.c.1419) SSL: renegotiation initiated by client, killing connection
2018-11-08 19:00:54: (mod_openssl.c.1419) SSL: renegotiation initiated by client, killing connection
2018-11-08 19:00:54: (mod_openssl.c.1419) SSL: renegotiation initiated by client, killing connection
2018-11-08 19:00:54: (mod_openssl.c.1419) SSL: renegotiation initiated by client, killing connection
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 4.18.0-2-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages lighttpd depends on:
ii libattr1 1:2.4.47-2+b2
ii libbz2-1.0 1.0.6-9
ii libc6 2.27-8
ii libfam0 2.7.0-17.2+b1
ii libldap-2.4-2 2.4.46+dfsg-5+b1
ii libmariadbclient18 1:10.1.37-1
ii libpcre3 2:8.39-11
ii libssl1.1 1.1.1-2
ii lsb-base 9.20170808
ii mime-support 3.61
ii zlib1g 1:1.2.11.dfsg-1
Versions of packages lighttpd recommends:
ii spawn-fcgi 1.6.4-2
Versions of packages lighttpd suggests:
pn apache2-utils <none>
pn lighttpd-doc <none>
ii openssl 1.1.1-2
pn php-cgi <none>
pn rrdtool <none>
-- no debconf information
Reply to: