[packages/dovecot] Disabled SSLv3 in default configuration.

Mon, 19 Jan 2015 00:22:28 -0800 

commit 5a0821caf6239564322a754a0aa03acaebeb0036
Author: Michał Giżyński <[email protected]>
Date:   Mon Jan 19 09:17:58 2015 +0100

    Disabled SSLv3 in default configuration.

 dovecot-disableSSLv3.patch | 16 ++++++++++++++++
 dovecot.spec               |  4 +++-
 2 files changed, 19 insertions(+), 1 deletion(-)
---
diff --git a/dovecot.spec b/dovecot.spec
index 2cf9062..bffe66e 100644
--- a/dovecot.spec
+++ b/dovecot.spec
@@ -12,7 +12,7 @@ Summary:      IMAP and POP3 server written with security 
primarily in mind
 Summary(pl.UTF-8):     Serwer IMAP i POP3 pisany głównie z myślą o 
bezpieczeństwie
 Name:          dovecot
 Version:       2.2.15
-Release:       2
+Release:       3
 Epoch:         1
 License:       MIT (libraries), LGPL v2.1 (the rest)
 Group:         Networking/Daemons
@@ -25,6 +25,7 @@ Source4:      %{name}.tmpfiles
 Patch0:                %{name}-config.patch
 Patch1:                %{name}-rpath.patch
 Patch2:                %{name}-exttextcat.patch
+Patch3:                %{name}-disableSSLv3.patch
 URL:           http://dovecot.org/
 BuildRequires: autoconf
 BuildRequires: automake
@@ -156,6 +157,7 @@ Współdzielone biblioteki Dovecota.
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
+%patch3 -p2
 
 %{__sed} -i 's,/usr/lib/dovecot,%{_libdir}/dovecot,g' 
doc/example-config/*.conf doc/example-config/conf.d/*.conf
 
diff --git a/dovecot-disableSSLv3.patch b/dovecot-disableSSLv3.patch
new file mode 100644
index 0000000..f1884b8
--- /dev/null
+++ b/dovecot-disableSSLv3.patch
@@ -0,0 +1,16 @@
+diff -urN dovecot/dovecot-2.2.15/doc/example-config/conf.d/10-ssl.conf 
dovecotorg/dovecot-2.2.15/doc/example-config/conf.d/10-ssl.conf
+--- dovecot/dovecot-2.2.15/doc/example-config/conf.d/10-ssl.conf       
2014-10-03 16:36:00.000000000 +0200
++++ dovecotorg/dovecot-2.2.15/doc/example-config/conf.d/10-ssl.conf    
2015-01-16 15:52:55.917727519 +0100
+@@ -46,10 +46,10 @@
+ #ssl_dh_parameters_length = 1024
+ 
+ # SSL protocols to use
+-#ssl_protocols = !SSLv2
++ssl_protocols = !SSLv2 !SSLv3
+ 
+ # SSL ciphers to use
+-#ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
++ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!SSLv3
+ 
+ # Prefer the server's order of ciphers over client's.
+ #ssl_prefer_server_ciphers = no
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/dovecot.git/commitdiff/5a0821caf6239564322a754a0aa03acaebeb0036

_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit

Reply via email to