[09:54] <man-di> moin vi1 
[09:54] <man-di> do you have knowlegde about tomcat?
[09:54] <vi1> hey man-di
[09:55] <vi1> somewhat
[09:55] <man-di> I'm currently looking into http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=423435
[09:55] <man-di> any idea how to disable the anonymous cipher?
[09:56] <vi1> sorry, no idea
[09:56] <man-di> np
[10:00] <vi1> man-di, maybe this one ... http://mail-archives.apache.org/mod_mbox/tomcat-users/200403.mbox/%3cc4b7hq$9u1$1@sea.gmane.org%3e
[10:05] <vi1> http://tomcat.apache.org/tomcat-5.5-doc/config/http.html
[10:06] <vi1> and also http://tomcat.apache.org/security-5.html mentions that this should be fixed in the future releases
[10:07] <man-di> yes, I saw all this
[10:07] <man-di> the problem is that I need to find the fix that fixed that issue to get it into Debian etch
[10:07] <man-di> I cant just package a new upstream
[10:08] <man-di> and the diff between 5.5.17 and 5.5.18 is very huge
[10:08] <man-di> and the for 5.0.x series there is no fixed version