Overview
Request 156242 accepted
** you may want this for 12.3 ***
- Extend configure.diff so _GNU_SOURCE and largefile Support
is tested properly
- expand inks-nosslcomp.patch to fix other misuses of the openssl
API including TLSv1 being disabled (with the wrong API too)
- build with SSL_NO_INTERN so we can escape ABI breaks in future
openSSL versions
- links was used to demonstrate bnc#803004
"openSSL 1.0.1d breaks most, if not all, SSL connections"
It also turns out that links is not doing SSL stuff quite right..
HTTPS clients must not negotiate SSL compression which is compromised
since CVE-2012-4929 (aka. the CRIME attack) and should not even
try to use SSLv2 either which is broken since a very long time
(links-nosslcomp.patch) (forwarded request 155072 from elvigia)
Request History
azouhr created request
** you may want this for 12.3 ***
- Extend configure.diff so _GNU_SOURCE and largefile Support
is tested properly
- expand inks-nosslcomp.patch to fix other misuses of the openssl
API including TLSv1 being disabled (with the wrong API too)
- build with SSL_NO_INTERN so we can escape ABI breaks in future
openSSL versions
- links was used to demonstrate bnc#803004
"openSSL 1.0.1d breaks most, if not all, SSL connections"
It also turns out that links is not doing SSL stuff quite right..
HTTPS clients must not negotiate SSL compression which is compromised
since CVE-2012-4929 (aka. the CRIME attack) and should not even
try to use SSLv2 either which is broken since a very long time
(links-nosslcomp.patch) (forwarded request 155072 from elvigia)
licensedigger accepted review
{"approve": "license and version number unchanged: 2.6"}
factory-auto added a reviewer
Please review sources
factory-auto accepted review
Builds for repo openSUSE_Factory
a_jaeger approved review
ok
a_jaeger accepted review
ok
coolo accepted request
checkin