diff options
author | André Fabian Silva Delgado <emulatorman@parabola.nu> | 2015-07-01 09:03:44 -0300 |
---|---|---|
committer | André Fabian Silva Delgado <emulatorman@parabola.nu> | 2015-07-01 09:03:44 -0300 |
commit | 6754d5ea997f61e6df67ff782e8b2c7507495595 (patch) | |
tree | 3955a60377987707afc1e827e982b486c3b2c60b /libre/iceweasel/vendor.js | |
parent | 14b590025d65d1b7e6ebb31d977ebbfffd04fde3 (diff) | |
download | abslibre-6754d5ea997f61e6df67ff782e8b2c7507495595.tar.gz abslibre-6754d5ea997f61e6df67ff782e8b2c7507495595.tar.bz2 abslibre-6754d5ea997f61e6df67ff782e8b2c7507495595.zip |
iceweasel: The logjam attack [https://weakdh.org/] allows an attacker to impersonate servers that support weak keys. This change implements https://addons.mozilla.org/en-US/firefox/addon/disable-dhe/
Diffstat (limited to 'libre/iceweasel/vendor.js')
-rw-r--r-- | libre/iceweasel/vendor.js | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/libre/iceweasel/vendor.js b/libre/iceweasel/vendor.js index a1e41cef2..2135bf4aa 100644 --- a/libre/iceweasel/vendor.js +++ b/libre/iceweasel/vendor.js @@ -157,3 +157,9 @@ pref("app.faqURL", "http://libreplanet.org/wiki/Group:IceCat/FAQ"); // PFS URL pref("pfs.datasource.url", "http://gnuzilla.gnu.org/plugins/PluginFinderService.php?mimetype=%PLUGIN_MIMETYPE%"); pref("pfs.filehint.url", "http://gnuzilla.gnu.org/plugins/PluginFinderService.php?mimetype=%PLUGIN_MIMETYPE%"); + +// https://directory.fsf.org/wiki/Disable_DHE +pref("security.ssl3.dhe_rsa_aes_128_sha", false); +pref("security.ssl3.dhe_rsa_aes_256_sha", false); +pref("security.ssl3.dhe_dss_aes_128_sha", false); +pref("security.ssl3.dhe_rsa_des_ede3_sha", false); |