Revert "disable SSLv3 by default again" on released branch.
This reverts commit 80b5477597
.
Conflicts:
openssl.spec
This commit is contained in:
parent
7e7e3f299f
commit
4fcc430a48
|
@ -5,8 +5,8 @@ diff -up openssl-1.0.1h/ssl/ssl_lib.c.v2v3 openssl-1.0.1h/ssl/ssl_lib.c
|
|||
*/
|
||||
ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
|
||||
|
||||
+ /* Disable SSLv2 and SSLv3 by default (affects the SSLv23_method() only) */
|
||||
+ ret->options |= SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
|
||||
+ /* Disable SSLv2 by default (affects the SSLv23_method() only) */
|
||||
+ ret->options |= SSL_OP_NO_SSLv2;
|
||||
+
|
||||
return(ret);
|
||||
err:
|
||||
|
|
|
@ -481,11 +481,6 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
|
|||
* Fri Jan 9 2015 Tomáš Mráz <tmraz@redhat.com> 1.0.1k-1
|
||||
- new upstream release fixing multiple security issues
|
||||
|
||||
* Thu Nov 20 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1j-3
|
||||
- disable SSLv3 by default again (mail servers and possibly
|
||||
LDAP servers should probably allow it explicitly for legacy
|
||||
clients)
|
||||
|
||||
* Tue Oct 21 2014 Tomáš Mráz <tmraz@redhat.com> 1.0.1j-2
|
||||
- update the FIPS RSA keygen to be FIPS 186-4 compliant
|
||||
|
||||
|
|
Loading…
Reference in New Issue