Diffusion FreeBSD src repository 922c452bd871

OpenSSL: Move static DH ciphersuites into the "weak-ssl-ciphers" list
922c452bd871
Actions

Edit Commit
Download Raw Diff
Edit Related Objects...
Edit Revisions
Mute Notifications
Flag For Later
Award Token

Description

OpenSSL: Move static DH ciphersuites into the "weak-ssl-ciphers" list

This effectively disables the static DH ciphersuites because we do not
enable weak SSL ciphers. Note it is exactly done as recommended in the
OpenSSL Security Advisory for Raccoon Attack (CVE-2020-1968):

https://www.openssl.org/news/secadv/20200909.txt

Details

Provenance

jkim	Authored on Feb 18 2021, 8:10 PM

Parents

rG7799e59719e4: Update Subversion to 1.14.1 LTS. See contrib/subversion/CHANGES for a

Branches

Unknown

Tags

Unknown

Event Timeline

jkim committed rG922c452bd871: OpenSSL: Move static DH ciphersuites into the "weak-ssl-ciphers" list (authored by jkim).Feb 18 2021, 8:10 PM

Changes (1)

Path

Size

crypto/

openssl/

ssl/

s3_lib.c

rG922c452bd871

View Options

crypto/openssl/ssl/s3_lib.c