--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/ejabberd/patches/001-no-sslv3.patch Thu Jul 09 13:47:36 2015 -0700
@@ -0,0 +1,23 @@
+#
+# disable SSLv3 support as it is not entirely secure.
+#
+--- ejabberd-2.1.13/src/tls/tls_drv.c.orig Thu Jul 9 11:46:50 2015
++++ ejabberd-2.1.13/src/tls/tls_drv.c Thu Jul 9 11:52:03 2015
+@@ -44,7 +44,7 @@
+ #define SSL_OP_NO_TICKET 0
+ #endif
+
+-#define CIPHERS "DEFAULT:!EXPORT:!LOW:!SSLv2"
++#define CIPHERS "DEFAULT:!EXPORT:!LOW:!SSLv2:!SSLv3"
+
+ /*
+ * R15B changed several driver callbacks to use ErlDrvSizeT and
+@@ -440,7 +440,7 @@
+ res = SSL_CTX_check_private_key(ctx);
+ die_unless(res > 0, "SSL_CTX_check_private_key failed");
+
+- SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_TICKET);
++ SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TICKET);
+
+ SSL_CTX_set_cipher_list(ctx, CIPHERS);
+