[packages/exim] Disabled SSLv[2-3] in default configuration.
arekm
arekm at pld-linux.org
Fri Jan 16 15:24:51 CET 2015
commit 449bb67fc1a6c088d9f785cabb24edcd9a7dbbe4
Author: Michał Giżyński <michal at mailmix.pl>
Date: Thu Jan 15 15:14:50 2015 +0100
Disabled SSLv[2-3] in default configuration.
exim.spec | 6 +++---
exim4-disableSSLv3.patch | 12 ++++++++++++
2 files changed, 15 insertions(+), 3 deletions(-)
---
diff --git a/exim.spec b/exim.spec
index 43cc323..7515d59 100644
--- a/exim.spec
+++ b/exim.spec
@@ -22,7 +22,7 @@ Summary(pl.UTF-8): Agent Transferu Poczty Uniwersytetu w Cambridge
Summary(pt_BR.UTF-8): Servidor de correio eletrônico exim
Name: exim
Version: 4.85
-Release: 1
+Release: 2
Epoch: 2
License: GPL
Group: Networking/Daemons/SMTP
@@ -58,6 +58,7 @@ Patch5: localscan_dlopen_%{name}_4.20_or_better.patch
Patch8: %{name}-spam-timeout.patch
Patch10: %{name}-force-sigalrm.patch
+Patch11: %{name}4-disableSSLv3.patch
URL: http://www.exim.org/
%{?with_sasl:BuildRequires: cyrus-sasl-devel >= 2.1.0}
BuildRequires: db-devel
@@ -176,10 +177,9 @@ Pliki nagłówkowe dla Exima.
%patch8 -p1
%patch10 -p1
-
install %{SOURCE4} exim4.conf
install %{SOURCE14} doc/config.samples.tar.bz2
-
+%patch11 -p1
install -d Local
cat << 'EOF' >> Local/Makefile-Linux
CC=%{__cc}
diff --git a/exim4-disableSSLv3.patch b/exim4-disableSSLv3.patch
new file mode 100644
index 0000000..c89756d
--- /dev/null
+++ b/exim4-disableSSLv3.patch
@@ -0,0 +1,12 @@
+diff -urN eximorg/exim4.conf exim/exim4.conf
+--- eximorg/exim4.conf 2015-01-13 09:39:15.705251985 +0100
++++ exim/exim4.conf 2015-01-13 09:43:24.017910803 +0100
+@@ -70,6 +70,8 @@
+ # tls_privatekey = /etc/openssl/mail.key
+ # tls_advertise_hosts = *
+
++openssl_options = +no_sslv2 +no_sslv3
++
+ # You can use self-signed cerficates (you will need openssl-tools package):
+
+ # openssl genrsa -out /etc/openssl/mail.key 1024
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/exim.git/commitdiff/449bb67fc1a6c088d9f785cabb24edcd9a7dbbe4
More information about the pld-cvs-commit
mailing list