diff options
| author | Timo Teräs <timo.teras@iki.fi> | 2015-03-27 15:26:41 +0200 |
|---|---|---|
| committer | Timo Teräs <timo.teras@iki.fi> | 2015-03-27 16:30:45 +0200 |
| commit | 5891af54e70fd91c02e6f8ab9b2059662b0ecfd4 (patch) | |
| tree | 027a30ea07a77155c709904664cf91257546cb1a /main/openssl/0009-no-rpath.patch | |
| parent | 1e6108c320c4099cc100e8970ca6d5b9ed3d5d74 (diff) | |
| download | aports-5891af54e70fd91c02e6f8ab9b2059662b0ecfd4.tar.bz2 aports-5891af54e70fd91c02e6f8ab9b2059662b0ecfd4.tar.xz | |
main/openssl: fix rpath and turn off ssl compression by default
System wide mitigation for CVE-2012-4929. While most affected
programs turn off compression themselves, this is safer default.
Diffstat (limited to 'main/openssl/0009-no-rpath.patch')
| -rw-r--r-- | main/openssl/0009-no-rpath.patch | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/main/openssl/0009-no-rpath.patch b/main/openssl/0009-no-rpath.patch new file mode 100644 index 0000000000..56df75b791 --- /dev/null +++ b/main/openssl/0009-no-rpath.patch @@ -0,0 +1,11 @@ +--- a/Makefile.shared 2005-06-23 22:47:54.000000000 +0200 ++++ b/Makefile.shared 2005-11-16 22:35:37.000000000 +0100 +@@ -153,7 +153,7 @@ + NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ + SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" + +-DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" ++DO_GNU_APP=LDFLAGS="$(CFLAGS)" + + #This is rather special. It's a special target with which one can link + #applications without bothering with any features that have anything to |