trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Reindl Harald <>
Subject Re: [ANNOUNCE] Apache Traffic Server 5.3.1 is released!
Date Mon, 06 Jul 2015 10:51:26 GMT

TLS is fixed compared to 5.3.0 and no longer responding after testing 
with ssllabs (no shared ciphers error in FF), older TLS issues are still 

   Session resumption (tickets) 	Yes
   *why* when ssl_ticket_enabled=0 in each line
   of /etc/trafficserver/ssl_multicert.config

* still no "ab" benchmarking possible wich is *really* odd
   and as said multiple times that has nothing to do with
   SSL2/SSL3 enabled, it's disabled on httpd too and ab
   works just fine
   SSL handshake failed (1).
   routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake

Am 04.07.2015 um 18:08 schrieb Phil Sorber:
> Apache Traffic Server v5.3.1 Released
> The Apache Software Foundation and the Apache Traffic Server project
> are pleased to announce the release of Apache Traffic Server v5.3.1!
> This is our second stable release in the 5.3.x LTS branch, and is
> immediately available for download at:
> Upgrading from 5.x should be seamless. Upgrading from the previous
> releases, 3.2.0 and later, to v5.3.1 should preserve the cache and not
> require it to be cleared.  More details are available at:
> This release is primarily bug fixes. For a list of what’s changed in
> this release, please see
> For a list of all JIRA’s for this release, please see
> Of special note are two fixes for CVE-2015-3249 that effect the HTTP/2
> experimental feature in Apache Traffic Server 5.3.0. They are both DOS
> attacks and can be avoided by simply disabling HTTP/2 or upgrading to
> this release.
> 5.3.x will be the last minor version in the 5.x release and is a Long
> Term Support (LTS) release.
> Sincerely,
> -- The Apache Traffic Server community

View raw message