From 674a0f955809d40c2fe3e5092b2927c4c96e8351 Mon Sep 17 00:00:00 2001
From: Kei Kebreau <kei@openmailbox.org>
Date: Fri, 4 Nov 2016 20:06:03 -0400
Subject: gnu: w3m: Switch to Debian's actively maintained fork of w3m.

Fixes some security issues seen here:
<http://www.openwall.com/lists/oss-security/2016/11/03/3>

* gnu/packages/w3m.scm (w3m): Switch it.
[source]: Use Debian's git tree. Remove obsolete patches.
[arguments]: Remove an unneeded substitute* function.
* gnu/packages/patches/w3m-disable-sslv2-and-sslv3.patch,
gnu/packages/patches/w3m-disable-weak-ciphers.patch,
gnu/packages/patches/w3m-force-ssl_verify_server-on.patch,
gnu/packages/patches/w3m-libgc.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
---
 .../patches/w3m-disable-weak-ciphers.patch         | 24 ----------------------
 1 file changed, 24 deletions(-)
 delete mode 100644 gnu/packages/patches/w3m-disable-weak-ciphers.patch

(limited to 'gnu/packages/patches/w3m-disable-weak-ciphers.patch')

diff --git a/gnu/packages/patches/w3m-disable-weak-ciphers.patch b/gnu/packages/patches/w3m-disable-weak-ciphers.patch
deleted file mode 100644
index 4780d54cb6..0000000000
--- a/gnu/packages/patches/w3m-disable-weak-ciphers.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-Subject: Disable weak ciphers
-
-Disable RC4, "export ciphers", and all keys < 128 bits.
-
-Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/w3m/+bug/1325674
----
- url.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/url.c b/url.c
-index ed6062e..e86b1f3 100644
---- a/url.c
-+++ b/url.c
-@@ -326,6 +326,7 @@ openSSLHandle(int sock, char *hostname, char **p_cert)
- 	SSL_load_error_strings();
- 	if (!(ssl_ctx = SSL_CTX_new(SSLv23_client_method())))
- 	    goto eend;
-+	SSL_CTX_set_cipher_list(ssl_ctx, "DEFAULT:!LOW:!RC4:!EXP");
- 	option = SSL_OP_ALL;
- 	if (ssl_forbid_method) {
- 	    if (strchr(ssl_forbid_method, '2'))
--- 
-2.6.4
-
-- 
cgit 1.4.1