diff options
author | Tatsuya Kinoshita <tats@vega.ocn.ne.jp> | 2011-05-04 07:37:56 +0000 |
---|---|---|
committer | Tatsuya Kinoshita <tats@vega.ocn.ne.jp> | 2011-05-04 07:37:56 +0000 |
commit | 93a6ce5c73d259de8254f19b550324b2d5b5d005 (patch) | |
tree | e79af60d9addb5caca5eaf9063438655512b51d9 /debian/patches/70_ssl-init.patch | |
parent | Releasing debian version 0.5.2-4 (diff) | |
download | w3m-93a6ce5c73d259de8254f19b550324b2d5b5d005.tar.gz w3m-93a6ce5c73d259de8254f19b550324b2d5b5d005.zip |
Releasing debian version 0.5.2-5debian/0.5.2-5
Diffstat (limited to '')
-rw-r--r-- | debian/patches/70_ssl-init.patch | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/debian/patches/70_ssl-init.patch b/debian/patches/70_ssl-init.patch new file mode 100644 index 0000000..6d19279 --- /dev/null +++ b/debian/patches/70_ssl-init.patch @@ -0,0 +1,25 @@ +Description: Force ssl_verify_server on and disable SSLv2 support +Origin: http://www.openwall.com/lists/oss-security/2010/06/14/4 +Author: Ludwig Nussel <ludwig.nussel@suse.de> +Bug-Debian: http://bugs.debian.org/587445 + +--- w3m-0.5.2.orig/fm.h ++++ w3m-0.5.2/fm.h +@@ -1120,7 +1120,7 @@ global int view_unseenobject init(TRUE); + #endif + + #if defined(USE_SSL) && defined(USE_SSL_VERIFY) +-global int ssl_verify_server init(FALSE); ++global int ssl_verify_server init(TRUE); + global char *ssl_cert_file init(NULL); + global char *ssl_key_file init(NULL); + global char *ssl_ca_path init(NULL); +@@ -1129,7 +1129,7 @@ global int ssl_path_modified init(FALSE) + #endif /* defined(USE_SSL) && + * defined(USE_SSL_VERIFY) */ + #ifdef USE_SSL +-global char *ssl_forbid_method init(NULL); ++global char *ssl_forbid_method init("2"); + #endif + + global int is_redisplay init(FALSE); |