From 93a6ce5c73d259de8254f19b550324b2d5b5d005 Mon Sep 17 00:00:00 2001
From: Tatsuya Kinoshita <tats@vega.ocn.ne.jp>
Date: Wed, 4 May 2011 16:37:56 +0900
Subject: Releasing debian version 0.5.2-5

---
 debian/patches/70_ssl-init.patch | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 debian/patches/70_ssl-init.patch

(limited to 'debian/patches/70_ssl-init.patch')

diff --git a/debian/patches/70_ssl-init.patch b/debian/patches/70_ssl-init.patch
new file mode 100644
index 0000000..6d19279
--- /dev/null
+++ b/debian/patches/70_ssl-init.patch
@@ -0,0 +1,25 @@
+Description: Force ssl_verify_server on and disable SSLv2 support
+Origin: http://www.openwall.com/lists/oss-security/2010/06/14/4
+Author: Ludwig Nussel <ludwig.nussel@suse.de>
+Bug-Debian: http://bugs.debian.org/587445
+
+--- w3m-0.5.2.orig/fm.h
++++ w3m-0.5.2/fm.h
+@@ -1120,7 +1120,7 @@ global int view_unseenobject init(TRUE);
+ #endif
+ 
+ #if defined(USE_SSL) && defined(USE_SSL_VERIFY)
+-global int ssl_verify_server init(FALSE);
++global int ssl_verify_server init(TRUE);
+ global char *ssl_cert_file init(NULL);
+ global char *ssl_key_file init(NULL);
+ global char *ssl_ca_path init(NULL);
+@@ -1129,7 +1129,7 @@ global int ssl_path_modified init(FALSE)
+ #endif				/* defined(USE_SSL) &&
+ 				 * defined(USE_SSL_VERIFY) */
+ #ifdef USE_SSL
+-global char *ssl_forbid_method init(NULL);
++global char *ssl_forbid_method init("2");
+ #endif
+ 
+ global int is_redisplay init(FALSE);
-- 
cgit v1.2.3