Comment 20 for bug 1068854

(In reply to comment #14)
> Apache httpd web server mod_ssl module upstream bug:
> https://issues.apache.org/bugzilla/show_bug.cgi?id=53219

Note that the SSLCompession configuration option was not added in response to CRIME, but was requested and implemented earlier. Also see comment #5 that describes workaround that can be used for httpd / mod_ssl in existing Red Hat Enterprise Linux version without further changes.