Timeline
Oct 11, 2014:
- 7:48 PM Changeset [2631] by
- Add configuration for www.achernya.com since the cert is for that too
- 7:45 PM Changeset [2630] by
- Certificate and configuration for vasilvv.org
Oct 10, 2014:
- 12:03 AM Changeset [2629] by
- Certificate and configuration for log.vasilvv.org
Oct 9, 2014:
- 9:48 PM Changeset [2628] by
- Hidden intermediate is hidden
- 9:39 PM Changeset [2627] by
- Certificate renewal for achernya.com
- 9:21 PM Changeset [2626] by
- scripts.mit.edu and *.scripts.mit.edu sha256 certs
- 3:41 AM Changeset [2625] by
- Patch httpd crash when using SSL variables on non-SSL connections https://issues.apache.org/bugzilla/show_bug.cgi?id=57070
Oct 8, 2014:
- 9:11 PM Changeset [2624] by
- SHA256 MITcert renewals
Oct 6, 2014:
- 10:33 PM Changeset [2623] by
- SHA256 renewal for feed.mit.edu
Oct 5, 2014:
- 8:00 PM Ticket #387 (OpenAFS getcwd() sometimes returns ENOENT) reopened by
- This bug has reappeared with the upgrade from 1.6.8 to 1.6.10pre1. :-( …
- 7:19 PM Changeset [2622] by
- Block a spammy user
Oct 4, 2014:
- 10:42 PM Changeset [2621] by
- Enforce a modern TLS cipher suite order This configuration was copied from the backward compatibility configuration at https://wiki.mozilla.org/Security/Server_Side_TLS, version 3/3.1/3.2.
Sep 30, 2014:
- 2:37 PM Ticket #404 (Use tmpl_context, not threading.local(), for request-local state) created by
- Pony tries to use threading.local() to store request-local state, …
Sep 26, 2014:
- 5:20 AM Changeset [2620] by
- Revert r2619 “bash: Disable function imports” The fixes applied in bash 4.2.48-2 are convincing. Specifically, function exports now use the variable ‘BASH_FUNC_foo()’ instead of ‘foo’, and will be blocked by suexec or anything that puts nonzero effort into sanitizing the environment. And we don’t want to maintain bash forever.
Sep 24, 2014:
- 9:13 PM Changeset [2619] by
- bash: Disable function imports The upstream fix for CVE-2014-6271 isn’t good enough. Furthermore, even if they were completely fixed to operate as intended, they are still a bad idea to begin with. Disable this feature entirely.
Sep 22, 2014:
- 6:45 PM Changeset [2618] by
- ip[6]tables: Really ignore SMTP to localhost Packets in OUTPUT have an output interface, not an input interface.
- 5:08 PM Ticket #403 (‘service ip6tables restart’ angers /etc/scripts/modprobe, fails) created by
- […]
- 4:59 PM Changeset [2617] by
- ip[6]tables: Ignore SMTP to localhost
Sep 16, 2014:
- 11:37 PM Changeset [2616] by
- Certificate and reified vhost config for linguistics
Sep 15, 2014:
- 11:08 PM Changeset [2615] by
- Upgrade OpenAFS to 1.6.10pre1 for kernel 3.16 support
Sep 14, 2014:
- 10:23 PM Changeset [2614] by
- Configure iptables for logging user-generated direct SMTP traffic.
- 10:12 PM Changeset [2613] by
- Upstream stock version of ip6tables-config
Sep 13, 2014:
- 4:19 PM Changeset [2612] by
- Add /etc/securetty, since we need to add ttyS0 to it now.
Note: See TracTimeline
for information about the timeline view.
