-
Notifications
You must be signed in to change notification settings - Fork 826
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dovecot: Fix for logjam attack #372
Conversation
Running this, I'm getting:
|
Interesting. Works for me with |
I'm running wheezy. Is that version from wheezy-backports? https://packages.debian.org/wheezy-backports/dovecot-core |
I'm trying out Jessie, so perhaps it's only available in the latest Debian release. |
Works for me with dovecot-core 2.2.9-1ubuntu2.1.
|
I got the same errors as @jplock when I upgraded my box to the current master head. I had to upgrade dovecot using wheezy-backports:
Then I re-ran the playbook. Not a huge deal if we're moving to Jessie soon, but master is unfortunately broken right now. |
Should be fixed by 34448d5 |
I ran the playbook including @al3x's fix, but now I'm unable to retrieve mail, either through IMAP or Roundcube. Any ideas? (I'm still on wheezy) Thanks. |
@iboxifoo Try removing the line with "ssl_dh_parameters_length = 2048" from your dovecot ssl config file |
@neuhaus That did the trick! Any implications in commenting out line? Thanks |
@iboxifoo You should eventually put it back in when you upgrade to Dovecot 2.2+ (which comes with Debian Jessie for example). |
got it. thanks so much.
|
I was able to upgrade
Any suggestions? |
Did you install the dovecot packages manually? |
I found and fixed another issue with the wheezy-backports change in commit 570beba. librrd2-dev (required for collectd) also needs to be from wheezy-backports to avoid package conflicts. |
See also: https://weakdh.org/sysadmin.html