This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [ANNOUNCEMENT] [SECURITY] Updated: openssl-1.0.1h-1, libopenssl098-0.9.8za-1


> The following packages have been updated in the Cygwin distribution:
> 
> * openssl-1.0.1h-1
> * libopenssl098-0.9.8za-1 (x86 only)
> * libopenssl100-1.0.1h-1
> * openssl-devel-1.0.1h-1
> 
> The OpenSSL toolkit provides support for secure communications between 
> machines. OpenSSL includes a certificate management tool and shared 
> libraries which provide various cryptographic algorithms and protocols.
> 
> This release includes fixes for several CVEs, including CVE-2014-0224 
> (SSL/TLS man-in-the-middle).  Full details on these fixes are available 
> here:
> 
> https://www.openssl.org/news/secadv_20140605.txt

I don't see any reason here that programs that depend on libopenssl100,
such as stunnel, would need to be rebuit for this update.  Do you?


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]