Use a separator.
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Sebastian Andrzej Siewior
2 years ago
2 | 2 |
* New upstream version.
|
3 | 3 |
- CVE-2022-1292 (The c_rehash script allows command injection).
|
4 | 4 |
* The orig tar file is now signed with a stronger hash (Closes: #1007808).
|
|
5 |
* Use a sepator in the CipherString in openssl.cnf (Closes: #948800).
|
5 | 6 |
|
6 | 7 |
-- Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Thu, 05 May 2022 07:32:45 +0200
|
7 | 8 |
|
13 | 13 |
1 file changed, 12 insertions(+)
|
14 | 14 |
|
15 | 15 |
diff --git a/apps/openssl.cnf b/apps/openssl.cnf
|
16 | |
index 4acca4b0446f..a6fed92a2e75 100644
|
|
16 |
index 4acca4b0446f..3ae764b5aaa7 100644
|
17 | 17 |
--- a/apps/openssl.cnf
|
18 | 18 |
+++ b/apps/openssl.cnf
|
19 | 19 |
@@ -15,6 +15,9 @@ HOME = .
|
|
38 | 38 |
+
|
39 | 39 |
+[system_default_sect]
|
40 | 40 |
+MinProtocol = TLSv1.2
|
41 | |
+CipherString = DEFAULT@SECLEVEL=2
|
|
41 |
+CipherString = DEFAULT:@SECLEVEL=2
|