[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

Rich Salz rsalz at openssl.org
Fri Oct 14 15:32:20 UTC 2016


The branch OpenSSL_1_0_1-stable has been updated
       via  9d9e0535366b4e5cfb2eb4d74be6b3d546b98fe8 (commit)
      from  329a5f361513154ebfbd616c79b628750df16de1 (commit)


- Log -----------------------------------------------------------------
commit 9d9e0535366b4e5cfb2eb4d74be6b3d546b98fe8
Author: Vitezslav Cizek <vcizek at suse.com>
Date:   Mon Oct 10 16:41:57 2016 +0200

    Degrade 3DES to MEDIUM in SSL2
    
    The SWEET32 fix moved 3DES from HIGH to MEDIUM, but omitted SSL2.
    
    CLA: trivial
    Reviewed-by: Kurt Roeckx <kurt at openssl.org>
    Reviewed-by: Matt Caswell <matt at openssl.org>
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/1683)
    
    (cherry picked from commit 6d69dc56de8f0535be9ccabea7a8d4e61c04c2f1)

-----------------------------------------------------------------------

Summary of changes:
 ssl/s2_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index 7bcb81a..0322dc8 100644
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -254,7 +254,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
      SSL_3DES,
      SSL_MD5,
      SSL_SSLV2,
-     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
+     SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
      0,
      112,
      168,


More information about the openssl-commits mailing list