[ANNOUNCEMENT] [SECURITY] Updated: openssl-1.0.1h-1, libopenssl098-0.9.8za-1
Andrew Schulman
schulman.andrew@epa.gov
Fri Jun 6 15:42:00 GMT 2014
> The following packages have been updated in the Cygwin distribution:
>
> * openssl-1.0.1h-1
> * libopenssl098-0.9.8za-1 (x86 only)
> * libopenssl100-1.0.1h-1
> * openssl-devel-1.0.1h-1
>
> The OpenSSL toolkit provides support for secure communications between
> machines. OpenSSL includes a certificate management tool and shared
> libraries which provide various cryptographic algorithms and protocols.
>
> This release includes fixes for several CVEs, including CVE-2014-0224
> (SSL/TLS man-in-the-middle). Full details on these fixes are available
> here:
>
> https://www.openssl.org/news/secadv_20140605.txt
I don't see any reason here that programs that depend on libopenssl100,
such as stunnel, would need to be rebuit for this update. Do you?
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list