Hello community,
here is the log from the commit of package wget for openSUSE:Factory checked in
at 2012-11-12 11:22:23
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/wget (Old)
and /work/SRC/openSUSE:Factory/.wget.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "wget", Maintainer is "m...@suse.com"
Changes:
--------
--- /work/SRC/openSUSE:Factory/wget/wget.changes 2012-10-03
10:14:47.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.wget.new/wget.changes 2012-11-12
11:22:24.000000000 +0100
@@ -1,0 +2,6 @@
+Mon Nov 12 02:04:05 UTC 2012 - crrodrig...@opensuse.org
+
+- wget-no-ssl-comp.patch: Since the apperance of the "CRIME attack"
+ (CVE-2012-4929) HTTPS clients must not negotatiate ssl compression.
+
+-------------------------------------------------------------------
New:
----
wget-no-ssl-comp.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ wget.spec ++++++
--- /var/tmp/diff_new_pack.VdVxfL/_old 2012-11-12 11:22:25.000000000 +0100
+++ /var/tmp/diff_new_pack.VdVxfL/_new 2012-11-12 11:22:25.000000000 +0100
@@ -31,6 +31,7 @@
Patch3: wget-sni.patch
Patch4: wget-stdio.h.patch
Patch5: wget-openssl-no-intern.patch
+Patch6: wget-no-ssl-comp.patch
BuildRequires: libpng-devel
%if 0%{suse_version} > 1110
BuildRequires: libproxy-devel
@@ -55,6 +56,7 @@
%patch3
%patch4 -p1
%patch5
+%patch6
%build
%if 0%{suse_version} > 1110
++++++ wget-no-ssl-comp.patch ++++++
--- src/openssl.c.orig
+++ src/openssl.c
@@ -248,6 +248,10 @@ ssl_init ()
/* Keep memory usage as low as possible */
SSL_CTX_set_mode (ssl_ctx, SSL_MODE_RELEASE_BUFFERS);
#endif
+#ifdef SSL_OP_NO_COMPRESSION
+ SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_COMPRESSION);
+#endif
+
return true;
error:
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
