- Update to 2.8.9.1

  Changes: https://lynx.invisible-island.net/lynx2.8.9/breakout/CHANGES

PR:	230568
Submitted by:	Dmitri Goutnik <dg@syrec.org>
Approved by:	jharris@widomaker.com (maintainer)

1 files changed, 12 insertions, 12 deletions

diff --git a/www/lynx/files/patch-CVE-2014-3566 b/www/lynx/files/patch-CVE-2014-3566
index f6956346cdbc..d0413210f33c 100644
--- a/www/lynx/files/patch-CVE-2014-3566
+++ b/www/lynx/files/patch-CVE-2014-3566
@@ -1,16 +1,16 @@
-Disable SSLv2 and SSLv3 in lynx to "mitigate POODLE vulnerability".
-
-This change has been passed upstream.
-
---- WWW/Library/Implementation/HTTP.c.orig	2015-02-16 12:48:34.014809453 -0800
-+++ WWW/Library/Implementation/HTTP.c	2015-02-16 12:49:09.627395954 -0800
-@@ -119,7 +119,8 @@
+--- WWW/Library/Implementation/HTTP.c.orig	2018-08-12 12:33:30 UTC
++++ WWW/Library/Implementation/HTTP.c
+@@ -206,11 +206,8 @@ SSL *HTGetSSLHandle(void)
  #else
  	SSLeay_add_ssl_algorithms();
- 	ssl_ctx = SSL_CTX_new(SSLv23_client_method());
--	SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2);
-+	/* Always disable SSLv2 & SSLv3 to "mitigate POODLE vulnerability". */
-+	SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
+ 	if ((ssl_ctx = SSL_CTX_new(TLS_client_method())) != NULL) {
+-#ifdef SSL_OP_NO_SSLv2
+-	    SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2);
+-#else
+-	    SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL);
+-#endif
++		/* Always disable SSLv2 & SSLv3 to "mitigate POODLE vulnerability". */
++	    SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
  #ifdef SSL_OP_NO_COMPRESSION
- 	SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_COMPRESSION);
+ 	    SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_COMPRESSION);
  #endif