From 1aace42d026c7df31c4762ef1095ce83450916fc Mon Sep 17 00:00:00 2001
From: Tatsuya Kinoshita <tats@debian.org>
Date: Wed, 15 Oct 2014 18:14:12 +0900
Subject: Disable SSLv3 by default [CVE-2014-3566]

cf. https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
---
 fm.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'fm.h')

diff --git a/fm.h b/fm.h
index 9810c31..ddcd4fc 100644
--- a/fm.h
+++ b/fm.h
@@ -1144,7 +1144,7 @@ global int ssl_path_modified init(FALSE);
 #endif				/* defined(USE_SSL) &&
 				 * defined(USE_SSL_VERIFY) */
 #ifdef USE_SSL
-global char *ssl_forbid_method init("2");
+global char *ssl_forbid_method init("2, 3");
 #endif
 
 global int is_redisplay init(FALSE);
-- 
cgit v1.2.3