=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/errata48.html,v retrieving revision 1.6 retrieving revision 1.7 diff -c -r1.6 -r1.7 *** www/errata48.html 2011/01/13 16:36:58 1.6 --- www/errata48.html 2011/02/16 20:37:28 1.7 *************** *** 87,92 **** --- 87,131 ----
+ +
+ +
+ Applications are only affected if they act as a server and call
+ SSL_CTX_set_tlsext_status_cb on the server's SSL_CTX. It is believed
+ that nothing in the base OS uses this. Apache httpd started using this
+ in v2.3.3; this is newer than the version in ports.
+
+
+ A source code patch exists which remedies this problem.
+
+