diff options
author | Tatsuya Kinoshita <tats@debian.org> | 2014-10-15 09:14:12 +0000 |
---|---|---|
committer | Tatsuya Kinoshita <tats@debian.org> | 2014-10-15 09:14:12 +0000 |
commit | 1aace42d026c7df31c4762ef1095ce83450916fc (patch) | |
tree | 4e77f6facf174e40f431a489de30a371d147bbf0 /fm.h | |
parent | Force ssl_verify_server on and disable SSLv2 support (diff) | |
download | w3m-1aace42d026c7df31c4762ef1095ce83450916fc.tar.gz w3m-1aace42d026c7df31c4762ef1095ce83450916fc.zip |
Disable SSLv3 by default [CVE-2014-3566]
cf. https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
Diffstat (limited to '')
-rw-r--r-- | fm.h | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -1144,7 +1144,7 @@ global int ssl_path_modified init(FALSE); #endif /* defined(USE_SSL) && * defined(USE_SSL_VERIFY) */ #ifdef USE_SSL -global char *ssl_forbid_method init("2"); +global char *ssl_forbid_method init("2, 3"); #endif global int is_redisplay init(FALSE); |