A new vulnerability in Diffie-Hellman, informally referred to as ‘Logjam’, has been published on weakdh.org.
Debian Wheezy is running Apache v2.2.22, which does not support setting up the recommended individual DH key with a minimum size of 2048 using the “SSLOpenSSLConfCmd DHParameters [pemfile]” setting. That’s why I’ve manually recompiled the Debian sources of Apache 2.2.22-13+deb7u4, patched with dh3072 (and, optionally, mpm-peruser support if needed), for my i386 and amd64 platforms to fix this issue.
Thanks to Winni Neessen for publishing this nice patch: https://bitbucket.org/snippets/wneessen/grb8/untitled-snippet
In case you do not want to patch and compile the sources on your own, you may download a copy of my compiled .deb files:
- amd64 binaries: https://4ufiles.flo.sh/webhosting/apache2-mpm-peruser/debian-wheezy/amd64/apache2/
- i386 binaries: https://4ufiles.flo.sh/webhosting/apache2-mpm-peruser/debian-wheezy/i386/apache2/
Using “uname -m” and “dpkg --get-selections | grep apache2” you can determine which file(s) you need to download. Simply run “dpkg -i apache2*.deb” to install the files. Consider putting a hold on the packages until the Debian security team offers an official fix for this issue.
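To confirm that the patched packages actually raised the DH size, the following check can be run after installation. It is an added example, not part of the original post or of the patch: it classifies the "Server Temp Key" line that `openssl s_client` prints (this assumes an OpenSSL 1.0.2 or later client), the sample outputs are constructed, and `www.example.org` is a placeholder hostname.

```shell
#!/bin/sh
# Added example: judge the ephemeral DH size a server offers, based on the
# "Server Temp Key" line in openssl s_client output (OpenSSL 1.0.2+ client).
MIN_DH_BITS=2048   # minimum size named in the post

# Reads s_client output on stdin and prints exactly one verdict line:
#   ok <bits> | weak <bits> | not-dhe <kind> | no-temp-key
dh_verdict() {
    awk -v min="$MIN_DH_BITS" '
        /Server Temp Key:/ {
            seen = 1
            sub(/.*Server Temp Key:[ \t]*/, "")
            n = split($0, f, ", *")          # e.g. "DH", "3072 bits"
            kind = f[1]
            bits = f[n]; sub(/[ \t]*bits.*/, "", bits)
            if (kind != "DH")          print "not-dhe " kind
            else if (bits + 0 >= min)  print "ok " bits
            else                       print "weak " bits
            exit
        }
        END { if (!seen) print "no-temp-key" }
    '
}

# Constructed sample output (not captured from a real server).
sample_before() {
    printf '%s\n' '---' 'No client certificate CA names sent' \
        'Server Temp Key: DH, 1024 bits' '---'
}
sample_after() {
    printf '%s\n' '---' 'No client certificate CA names sent' \
        'Server Temp Key: DH, 3072 bits' '---'
}

echo "stock package:   $(sample_before | dh_verdict)"
echo "patched package: $(sample_after | dh_verdict)"

# Live check against your own server (placeholder hostname), forcing a
# DHE cipher suite so the server has to reveal its DH parameters:
#   openssl s_client -connect www.example.org:443 -cipher 'EDH' \
#       </dev/null 2>/dev/null | dh_verdict
```

A `not-dhe` or `no-temp-key` verdict means the handshake did not use ephemeral DH at all, so it says nothing about the DH parameter size.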
Thank you very much!
Yes!! Thank you, it also worked for me.
At ssllabs, from A+ to B; now with these packages, back to A+.
thank you for this hint!