rpms / rhnlib

Clone
Source Code
GIT

Blame SOURCES/rhnlib-2.8.6-4-el8-to-rhnlib-2.8.6-5-el8.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-1.0 c8-stream-1.0
  1.   c8-stream-1.0
  2.   SOURCES
  3.   rhnlib-2.8.6-4-el8-to-rhnlib-2.8.6-5-el8.patch
Blob History Raw
fe4262 
diff --git a/rhn/SSL.py b/rhn/SSL.py
fe4262 
index f8a85bc..9b3c83b 100644
fe4262 
--- a/rhn/SSL.py
fe4262 
+++ b/rhn/SSL.py
fe4262 
@@ -89,6 +89,8 @@ class SSLSocket:
fe4262 
         self._check_closed()
fe4262 
         # Get a context
fe4262 
         self._ctx = SSL.Context(self._ssl_method)
fe4262 
+        self._ctx.set_options(SSL.OP_NO_SSLv2)
fe4262 
+        self._ctx.set_options(SSL.OP_NO_SSLv3)
fe4262 
         if self._trusted_certs:
fe4262 
             # We have been supplied with trusted CA certs
fe4262 
             for f in self._trusted_certs:
fe4262 
diff --git a/rhnlib.spec b/rhnlib.spec
fe4262 
index 1581072..1d197e9 100644
fe4262 
--- a/rhnlib.spec
fe4262 
+++ b/rhnlib.spec
fe4262 
@@ -7,7 +7,7 @@
fe4262 
 Summary: Python libraries for the Spacewalk project
fe4262 
 Name: rhnlib
fe4262 
 Version: 2.8.6
fe4262 
-Release: 4%{?dist}
fe4262 
+Release: 5%{?dist}
fe4262 
 URL:     https://github.com/spacewalkproject/spacewalk
fe4262 
 Source0: https://github.com/spacewalkproject/spacewalk/archive/%{name}-%{version}.tar.gz
fe4262
fe4262 
@@ -74,6 +74,10 @@ make -f Makefile.rhnlib
fe4262 
 %endif
fe4262
fe4262 
 %changelog
fe4262 
+* Fri Nov 02 2018 Tomas Kasparek <tkasparek@redhat.com> 2.8.6-5
fe4262 
+- Resolves: #1643415 - forbid old SSL versions during negotiation
fe4262 
+  (tkasparek@redhat.com)
fe4262 
+
fe4262 
 * Tue Apr 17 2018 Tomas Kasparek <tkasparek@redhat.com> 2.8.6-4
fe4262 
 - don't package python2 files for rhnlib (tkasparek@redhat.com)
fe4262 
 - be compliant with new packaging guidelines when requiring python2 packages

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation