OpenSSL package updates

Corinna Vinschen corinna-cygwin@cygwin.com
Sat Nov 6 17:24:22 GMT 2021


On Nov  6 16:58, Achim Gratz wrote:
> Achim Gratz writes:
> > I have updated the recently released Cygwin packages with all upstream
> > patches from Fedora plus the patches for all CVE affecting version 1.0.2
> > since the last official version and changed the cygport files so they
> > build on AppVeyor.  The packages have been pushed to the respective
> > playground branches:
> >
> > https://cygwin.com/git-cygwin-packages?p=git/cygwin-packages/openssl10.git;a=shortlog;h=refs/heads/playground
> > https://cygwin.com/git-cygwin-packages?p=git/cygwin-packages/openssl.git;a=shortlog;h=refs/heads/playground
> 
> I've just updated the playground branches with the respective MinGW64
> OpenSSL packages integrated (I needed to drop two patches from Fedora
> for OpernSSL 1.0 because they were using an API not available on
> MinGW64.
> 
> > I have not yet looked at the MingW64 libraries and I will not have time
> > next week to do any further work.  I might do an ITA later on when I
> > have everything completed.  I'd appreciate if someone would take a look
> > and test these builds in the meantime.
> 
> So it turns out that there weren't any OpenSSL 1.1 packages for MinGW64
> existing and so the OpenSSL 1.0 packages are still named *-openssl
> instead of *-openssl10.  I haven't yet tried to build the 1.1 versdion
> for MinGW64, but I'd tend to do the rename first and then clobber the
> *-openssl name for the newer version.  How was that handled for the
> Cygwin packages?

That started with OpenSSL 0.9.5 I think, I'm not sure anymore.  You
should be able to do this in a single step, as long as you craft the
dependencies so that an update of the openssl package pulls in the
openssl10 package with the old lib.  As soon as all dependent distro
packages are updated, you can just drop the dependency and then the old
package entirely.


Corinna


More information about the Cygwin-apps mailing list