pidgin/patches/pidgin-16-poodle.patch

5089N/A# date:2015-05-19 owner:rohini type:bug bugdb:20231104
5089N/A# Bug 20231104 disable SSLv3 in pidgin to avoid "POODLE" vulnerability
5089N/A#
5089N/A# These changes should be submitted upstream.
5089N/A
5089N/A--- pidgin-2.10.11/libpurple/plugins/ssl/ssl-gnutls.c.orig  2015-05-19 15:11:42.975647130 +0530
5089N/A+++ pidgin-2.10.11/libpurple/plugins/ssl/ssl-gnutls.c   2015-05-19 15:14:12.846033693 +0530
5089N/A@@ -166,7 +166,7 @@
5089N/A        if (gnutls_priority_init(&default_priority, "NORMAL:%SSL3_RECORD_VERSION", NULL)) {
5089N/A            /* See comment above about memory leak */
5089N/A            gnutls_free(default_priority);
5089N/A-           gnutls_priority_init(&default_priority, "NORMAL", NULL);
5089N/A+           gnutls_priority_init(&default_priority, "NORMAL:!VERS-SSL3.0:!VERS-TLS1.0", NULL);
5089N/A        }
5089N/A    }
5089N/A #endif /* HAVE_GNUTLS_PRIORITY_FUNCS */