aboutsummaryrefslogtreecommitdiffstats
path: root/debian/patches/70_ssl-init.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/70_ssl-init.patch')
-rw-r--r--debian/patches/70_ssl-init.patch25
1 files changed, 25 insertions, 0 deletions
diff --git a/debian/patches/70_ssl-init.patch b/debian/patches/70_ssl-init.patch
new file mode 100644
index 0000000..6d19279
--- /dev/null
+++ b/debian/patches/70_ssl-init.patch
@@ -0,0 +1,25 @@
+Description: Force ssl_verify_server on and disable SSLv2 support
+Origin: http://www.openwall.com/lists/oss-security/2010/06/14/4
+Author: Ludwig Nussel <ludwig.nussel@suse.de>
+Bug-Debian: http://bugs.debian.org/587445
+
+--- w3m-0.5.2.orig/fm.h
++++ w3m-0.5.2/fm.h
+@@ -1120,7 +1120,7 @@ global int view_unseenobject init(TRUE);
+ #endif
+
+ #if defined(USE_SSL) && defined(USE_SSL_VERIFY)
+-global int ssl_verify_server init(FALSE);
++global int ssl_verify_server init(TRUE);
+ global char *ssl_cert_file init(NULL);
+ global char *ssl_key_file init(NULL);
+ global char *ssl_ca_path init(NULL);
+@@ -1129,7 +1129,7 @@ global int ssl_path_modified init(FALSE)
+ #endif /* defined(USE_SSL) &&
+ * defined(USE_SSL_VERIFY) */
+ #ifdef USE_SSL
+-global char *ssl_forbid_method init(NULL);
++global char *ssl_forbid_method init("2");
+ #endif
+
+ global int is_redisplay init(FALSE);
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 03:16:20 +0000