CVE20143566: Avoid using SSLv3 on apache2 webserver used by SSVM

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2014-11-04 14:39:28 +05:30 · 2014-11-04 14:39:28 +05:30 · ce51fe32f9
parent 8b636bd41e
commit ce51fe32f9
1 changed files with 1 additions and 0 deletions
--- a/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh
@ -28,6 +28,7 @@ function configure_apache2() {
   # Backup stock apache configuration since we may modify it in Secondary Storage VM
   cp /etc/apache2/sites-available/default /etc/apache2/sites-available/default.orig
   cp /etc/apache2/sites-available/default-ssl /etc/apache2/sites-available/default-ssl.orig
+   sed -i 's/SSLProtocol all -SSLv2$/SSLProtocol all -SSLv2 -SSLv3/g' /etc/apache2/mods-available/ssl.conf
 }

 function install_cloud_scripts() {