62339e2d49
Fixes <http://bugs.gnu.org/16791>. * gnu/packages/patches/w3m-force-ssl_verify_server-on.patch: New file. * gnu/packages/patches/w3m-disable-sslv2-and-sslv3.patch: New file. * gnu/packages/patches/w3m-disable-weak-ciphers.patch: New file. * gnu/packages/w3m.scm (w3m)[source]: Add patches. * gnu-system.am (dist_patch_DATA): Add the new files.
24 lines
584 B
Diff
24 lines
584 B
Diff
Subject: Disable SSLv2 and SSLv3.
|
|
|
|
The only remaining methods are TLSv1.* (the code never distinguishes
|
|
between TLSv1.0, TLSv1.1, and TLSv1.2).
|
|
---
|
|
fm.h | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/fm.h b/fm.h
|
|
index 320906c..ddcd4fc 100644
|
|
--- a/fm.h
|
|
+++ b/fm.h
|
|
@@ -1144,7 +1144,7 @@ global int ssl_path_modified init(FALSE);
|
|
#endif /* defined(USE_SSL) &&
|
|
* defined(USE_SSL_VERIFY) */
|
|
#ifdef USE_SSL
|
|
-global char *ssl_forbid_method init(NULL);
|
|
+global char *ssl_forbid_method init("2, 3");
|
|
#endif
|
|
|
|
global int is_redisplay init(FALSE);
|
|
--
|
|
2.6.4
|
|
|