aboutsummaryrefslogtreecommitdiff
path: root/lib/curl_memory.h
diff options
context:
space:
mode:
authorYang Tse <yangsita@gmail.com>2012-01-18 04:33:49 +0100
committerYang Tse <yangsita@gmail.com>2012-01-18 11:59:20 +0100
commita20daf90e358c1476a325ea665d533f7a27e3364 (patch)
treed78d7d5e27923961a01d0f2dbd3b63aa279258e6 /lib/curl_memory.h
parent24526d0c0f4209eb77c807afdb15da301c7d021b (diff)
OpenSSL: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option is no longer enabled
SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option enabling allowed successfull interoperability with web server Netscape Enterprise Server 2.0.1 released back in 1996 more than 15 years ago. Due to CVE-2010-4180, option SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG has become ineffective as of OpenSSL 0.9.8q and 1.0.0c. In order to mitigate CVE-2010-4180 when using previous OpenSSL versions we no longer enable this option regardless of OpenSSL version and SSL_OP_ALL definition.
Diffstat (limited to 'lib/curl_memory.h')
0 files changed, 0 insertions, 0 deletions