Integrate Debian changes into 020_debian.patch (closes: #776112)

(debian/patches/*.patch except 010_upstream.patch are merged)

1 files changed, 0 insertions, 29 deletions

diff --git a/debian/patches/260_openssl.patch b/debian/patches/260_openssl.patch
deleted file mode 100644
index 85c32c8..0000000
--- a/debian/patches/260_openssl.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-Subject: OpenSSL issues
-Author: Cristian Rodriguez <crrodriguez@opensuse.org>
-Origin: https://build.opensuse.org/request/show/141054
-Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2012-4929
-
-  Mon Nov 12 18:26:45 UTC 2012 - crrodriguez@opensuse.org
-  - Due to the "CRIME attack" (CVE-2012-4929) HTTPS clients
-    that negotiate TLS-level compression can be abused for
-    MITM attacks. (w3m-openssl.patch) 
-  - Use SSL_MODE_RELEASE_BUFFERS if available .
-
---- w3m.orig/url.c
-+++ w3m/url.c
-@@ -337,7 +337,15 @@ openSSLHandle(int sock, char *hostname,
- 	    if (strchr(ssl_forbid_method, 'T'))
- 		option |= SSL_OP_NO_TLSv1;
- 	}
-+#ifdef SSL_OP_NO_COMPRESSION
-+	option |= SSL_OP_NO_COMPRESSION;
-+#endif
- 	SSL_CTX_set_options(ssl_ctx, option);
-+
-+#ifdef SSL_MODE_RELEASE_BUFFERS
-+	SSL_CTX_set_mode (ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
-+#endif
-+
- #ifdef USE_SSL_VERIFY
- 	/* derived from openssl-0.9.5/apps/s_{client,cb}.c */
- #if 1				/* use SSL_get_verify_result() to verify cert */