diff options
Diffstat (limited to 'main/spice/CVE-2021-20201.patch')
-rw-r--r-- | main/spice/CVE-2021-20201.patch | 36 |
1 files changed, 0 insertions, 36 deletions
diff --git a/main/spice/CVE-2021-20201.patch b/main/spice/CVE-2021-20201.patch deleted file mode 100644 index 9c633c89e25..00000000000 --- a/main/spice/CVE-2021-20201.patch +++ /dev/null @@ -1,36 +0,0 @@ -From ca5bbc5692e052159bce1a75f55dc60b36078749 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Julien=20Rop=C3=A9?= <jrope@redhat.com> -Date: Wed, 2 Dec 2020 13:39:27 +0100 -Subject: [PATCH] With OpenSSL 1.1: Disable client-initiated renegotiation. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Fixes issue #49 -Fixes BZ#1904459 - -Signed-off-by: Julien Ropé <jrope@redhat.com> -Reported-by: BlackKD -Acked-by: Frediano Ziglio <fziglio@redhat.com> ---- - server/reds.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/server/reds.c b/server/reds.c -index fe69508e..f61086cb 100644 ---- a/server/reds.c -+++ b/server/reds.c -@@ -2753,6 +2753,10 @@ static int reds_init_ssl(RedsState *reds) - * When some other SSL/TLS version becomes obsolete, add it to this - * variable. */ - long ssl_options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION | SSL_OP_NO_TLSv1; -+#ifdef SSL_OP_NO_RENEGOTIATION -+ // With OpenSSL 1.1: Disable all renegotiation in TLSv1.2 and earlier -+ ssl_options |= SSL_OP_NO_RENEGOTIATION; -+#endif - - /* Global system initialization*/ - openssl_global_init(); --- -GitLab - |