Module name: ports
Changes by: j...@cvs.openbsd.org 2016/12/01 12:32:02
www/links+ : Tag: OPENBSD_6_0 Makefile distinfo
www/links+/patches: Tag: OPENBSD_6_0 patch-html_c patch-https_c
SECURITY update to links-2.14
* Limit keepalive of ciphers with 64-bit block size to mitigate
the SWEET32 attack
* Improved tor hardening - when the user toggles the "Only Proxies" option
(i.e. when connecting to tor), we reset certain other options to their
default values, so that it is not possible to identify user behind tor
based on the selected options.
* Security bug fixed: Don't load or render the content of
"407 Proxy Authentication Required" reply when using https proxy.
This avoids the FalseCONNECT attack.
Also, don't allow 401 and 407 responses to set cookies.
Tested on 6.0 by Tim Meunier (maintainer)