aboutsummaryrefslogtreecommitdiffstats
path: root/debian/patches/260_openssl.patch
diff options
context:
space:
mode:
authorTatsuya Kinoshita <tats@debian.org>2015-01-24 14:36:40 +0000
committerTatsuya Kinoshita <tats@debian.org>2015-01-24 14:37:05 +0000
commit8595cb4102d547388d0d9e699d10a14f8f7aa71c (patch)
treecd27e4b710769000b651b9af4db2704a1cd328dd /debian/patches/260_openssl.patch
parentUpdate Vcs-Browser (diff)
downloadw3m-8595cb4102d547388d0d9e699d10a14f8f7aa71c.tar.gz
w3m-8595cb4102d547388d0d9e699d10a14f8f7aa71c.zip
Integrate Debian changes into 020_debian.patch (closes: #776112)
(debian/patches/*.patch except 010_upstream.patch are merged)
Diffstat (limited to 'debian/patches/260_openssl.patch')
-rw-r--r--debian/patches/260_openssl.patch29
1 files changed, 0 insertions, 29 deletions
diff --git a/debian/patches/260_openssl.patch b/debian/patches/260_openssl.patch
deleted file mode 100644
index 85c32c8..0000000
--- a/debian/patches/260_openssl.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-Subject: OpenSSL issues
-Author: Cristian Rodriguez <crrodriguez@opensuse.org>
-Origin: https://build.opensuse.org/request/show/141054
-Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2012-4929
-
- Mon Nov 12 18:26:45 UTC 2012 - crrodriguez@opensuse.org
- - Due to the "CRIME attack" (CVE-2012-4929) HTTPS clients
- that negotiate TLS-level compression can be abused for
- MITM attacks. (w3m-openssl.patch)
- - Use SSL_MODE_RELEASE_BUFFERS if available .
-
---- w3m.orig/url.c
-+++ w3m/url.c
-@@ -337,7 +337,15 @@ openSSLHandle(int sock, char *hostname,
- if (strchr(ssl_forbid_method, 'T'))
- option |= SSL_OP_NO_TLSv1;
- }
-+#ifdef SSL_OP_NO_COMPRESSION
-+ option |= SSL_OP_NO_COMPRESSION;
-+#endif
- SSL_CTX_set_options(ssl_ctx, option);
-+
-+#ifdef SSL_MODE_RELEASE_BUFFERS
-+ SSL_CTX_set_mode (ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
-+#endif
-+
- #ifdef USE_SSL_VERIFY
- /* derived from openssl-0.9.5/apps/s_{client,cb}.c */
- #if 1 /* use SSL_get_verify_result() to verify cert */