Apache/mod_ssl vulnerability and mitigation
The following announcement has just been made to the announce mailing list: Apache httpd is affected by CVE-2009-3555[1] (The SSL Injection or MiM attack[2]). The Apache httpd webserver relies on OpenSSL for the implementation of the SSL/TLS protocol. We strongly urge you to upgrade to OpenSSL 0.9.8l; and to be prepared to deploy OpenSSL 0.9.8m [...]
