diff options
| author | Mark H Weaver <mhw@netris.org> | 2016-05-12 18:11:35 -0400 |
|---|---|---|
| committer | Mark H Weaver <mhw@netris.org> | 2016-05-12 18:15:07 -0400 |
| commit | ef06d54a9b9ee4fb5015c78ab94f8df1d3a72f1d (patch) | |
| tree | a28a5492d4a2781c5eca1959702b980c91c23de6 /gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch | |
| parent | de1d68a2955ab1934338bee185fdba6c8934bd6e (diff) | |
gnu: icecat: Update to 38.8.0-gnu1.
* gnu/packages/patches/icecat-CVE-2016-2805.patch,
gnu/packages/patches/icecat-CVE-2016-2807-pt1.patch,
gnu/packages/patches/icecat-CVE-2016-2807-pt2.patch,
gnu/packages/patches/icecat-CVE-2016-2807-pt3.patch,
gnu/packages/patches/icecat-CVE-2016-2807-pt4.patch,
gnu/packages/patches/icecat-CVE-2016-2807-pt5.patch,
gnu/packages/patches/icecat-CVE-2016-2808.patch,
gnu/packages/patches/icecat-CVE-2016-2814.patch,
gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch,
gnu/packages/patches/icecat-update-bundled-graphite2.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
* gnu/packages/gnuzilla.scm (icecat): Update to 38.8.0-gnu1.
[source] Remove deleted patches.
Diffstat (limited to 'gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch')
| -rw-r--r-- | gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch | 24 |
1 files changed, 0 insertions, 24 deletions
diff --git a/gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch b/gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch deleted file mode 100644 index 5c869bf510..0000000000 --- a/gnu/packages/patches/icecat-re-enable-DHE-cipher-suites.patch +++ /dev/null @@ -1,24 +0,0 @@ -Re-enable the DHE (Ephemeral Diffie-Hellman) cipher suites, which IceCat -38.6.0 disabled by default to avoid the Logjam attack. This issue was -fixed in NSS version 3.19.1 by limiting the lower strength of supported -DHE keys to use 1023 bit primes, so we can enable these cipher suites -safely. The DHE cipher suites are needed to allow IceCat to connect to -many sites, including https://gnupg.org/. - -Patch by Mark H Weaver <mhw@netris.org> - ---- icecat-38.6.0/browser/app/profile/icecat.js.orig 1969-12-31 19:00:00.000000000 -0500 -+++ icecat-38.6.0/browser/app/profile/icecat.js 2016-02-06 00:48:23.826170154 -0500 -@@ -2061,12 +2061,6 @@ - pref("security.ssl3.rsa_des_ede3_sha", false); - pref("security.ssl3.ecdhe_ecdsa_rc4_128_sha", false); - pref("security.ssl3.ecdhe_rsa_rc4_128_sha", false); --// https://directory.fsf.org/wiki/Disable_DHE --// Avoid logjam attack --pref("security.ssl3.dhe_rsa_aes_128_sha", false); --pref("security.ssl3.dhe_rsa_aes_256_sha", false); --pref("security.ssl3.dhe_dss_aes_128_sha", false); --pref("security.ssl3.dhe_rsa_des_ede3_sha", false); - //Optional - //Perfect forward secrecy - // pref("security.ssl3.rsa_aes_256_sha", false); |