e389a6acfc
- Update to version 5.15.14+kde143:
* HTTP2: Delay any communication until encrypted() can be responded to
(bsc#1227426, CVE-2024-39936)
* Add missing line continuations for memory_resource opt-out on Apple systems
* a11y atspi: Add null checks in table iface methods
OBS-URL: https://build.opensuse.org/request/show/1189041
OBS-URL: https://build.opensuse.org/package/show/KDE:Qt:5.15/libqt5-qtbase?expand=0&rev=66
15 lines
749 B
Diff
15 lines
749 B
Diff
Index: qtbase-opensource-src-5.5.1/src/network/ssl/qsslsocket_openssl.cpp
|
|
===================================================================
|
|
--- qtbase-opensource-src-5.5.1.orig/src/network/ssl/qsslsocket_openssl.cpp
|
|
+++ qtbase-opensource-src-5.5.1/src/network/ssl/qsslsocket_openssl.cpp
|
|
@@ -645,7 +645,8 @@ void QSslSocketPrivate::resetDefaultCiph
|
|
!ciph.name().toLower().startsWith(QLatin1String("aecdh"))) {
|
|
ciphers << ciph;
|
|
|
|
- if (ciph.usedBits() >= 128)
|
|
+ if (ciph.usedBits() >= 128 &&
|
|
+ !ciph.encryptionMethod().toLower().startsWith(QLatin1String("rc4")))
|
|
defaultCiphers << ciph;
|
|
}
|
|
}
|