# date:2015-05-19 owner:rohini type:bug bugdb:20231104
# Bug 20231104 disable SSLv3 in pidgin to avoid "POODLE" vulnerability
#
# These changes should be submitted upstream.
--- pidgin-2.10.11/libpurple/plugins/ssl/ssl-gnutls.c.orig 2015-05-19 15:11:42.975647130 +0530
+++ pidgin-2.10.11/libpurple/plugins/ssl/ssl-gnutls.c 2015-05-19 15:14:12.846033693 +0530
@@ -166,7 +166,7 @@
if (gnutls_priority_init(&default_priority, "NORMAL:%SSL3_RECORD_VERSION", NULL)) {
/* See comment above about memory leak */
gnutls_free(default_priority);
- gnutls_priority_init(&default_priority, "NORMAL", NULL);
+ gnutls_priority_init(&default_priority, "NORMAL:!VERS-SSL3.0:!VERS-TLS1.0", NULL);
}
}
#endif /* HAVE_GNUTLS_PRIORITY_FUNCS */