More accurate comment for the SSL_OP_NETSCAPE_CIPHER_CHANGE_BUG

2010-12-09 11:46:08 +01:00 · 2010-12-09 11:46:08 +01:00 · a62c516f75
commit a62c516f75
parent 154f82b97d
1 changed files with 1 additions and 1 deletions
--- a/openssl-1.0.0-beta5-cipher-change.patch
+++ b/openssl-1.0.0-beta5-cipher-change.patch
@ -6,7 +6,7 @@ diff -up openssl-1.0.0-beta5/ssl/ssl.h.cipher-change openssl-1.0.0-beta5/ssl/ssl
 /* Allow initial connection to servers that don't support RI */
 #define SSL_OP_LEGACY_SERVER_CONNECT			0x00000004L
 -#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG		0x00000008L
-+#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG		0x00000008L /* can break some security expectations */
+#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG		0x00000008L /* no effect since 1.0.0c due to CVE-2010-4180 */
 #define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG		0x00000010L
 #define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER		0x00000020L
 #define SSL_OP_MSIE_SSLV2_RSA_PADDING			0x00000040L /* no effect since 0.9.7h and 0.9.8b */