Thread: POODLE vulnerability in SSLv3
View Single Post
  #98  
Old 11-06-2014, 07:47 PM
 
aim aim is offline
Advanced Staff Users
  

X-Cart team
   
Join Date: Dec 2008
Posts: 928
 
Default Re: POODLE vulnerability in SSLv3
Quote:
Originally Posted by TheSarcasmShop
Is there a way to view if the patch is installed?

Check if you have this code

Code:
    if ($use_tls) {
        // http://curl.haxx.se/libcurl/c/CURLOPT_SSLVERSION.html CURL_SSLVERSION_TLSv1
        curl_setopt ($ch, CURLOPT_SSLVERSION, 1);
    }

in the
include/func/func.https_libcurl.php
file.

I have prepared a quick patch for you which works with any version of the include/func/func.https_libcurl.php
file

authorize_disable_ssl3.diff
Attached Files
File Type: diff authorize_disable_ssl3.diff (551 Bytes, 29 views)
__________________
Sincerely yours,
Ildar Amankulov
Head of Maintenance group
Reply With Quote