mirrors/deluge
0
0
Fork 0
mirror of https://git.deluge-torrent.org/deluge synced 2025-08-03 15:08:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

[WebUI] Security update for POODLE vulnerability

Browse source 
WebUI with HTTPS enabled is vulnerable to POODLE (CVE­-2014­-3566), so switch from
SSLv3 to TLSv1.
This commit is contained in:
Calum Lind 2014-10-15 18:44:02 +01:00
commit bdca70b330
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
deluge/ui/web/server.py
View file

@ -542,7 +542,7 @@ class ServerContextFactory:
def getContext(self): # NOQA def getContext(self): # NOQA
"""Creates an SSL context.""" """Creates an SSL context."""
ctx = SSL.Context(SSL.SSLv3_METHOD) ctx = SSL.Context(SSL.TLSv1_METHOD)
deluge_web = component.get("DelugeWeb") deluge_web = component.get("DelugeWeb")
log.debug("Enabling SSL using:") log.debug("Enabling SSL using:")
log.debug("Pkey: %s", deluge_web.pkey) log.debug("Pkey: %s", deluge_web.pkey)