Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sources.redhat.com/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Message-ID:	<005901c238a1$4168c2f0$23638780@uchicago.edu>
From:	"Kim Scarborough" <lists AT jinx DOT unknown DOT nu>
To:	<cygwin AT cygwin DOT com>
References:	<20020730160945 DOT EC06B1B5E2 AT redhat DOT com> <01d501c23805$2cdbcef0$23638780 AT uchicago DOT edu> <20020731114240 DOT E3921 AT cygbert DOT vinschen DOT de>
Subject:	Re: [ANNOUNCEMENT] Updated: openssl-0.9.6e-1
Date:	Wed, 31 Jul 2002 09:47:55 -0500

> > Shouldn't openssh, lynx, wget, etc. be recompiled against the new openssl
> > libs?
>
> According to the security announcement, yes.
>
> This should only apply to apps which are linked statically against
> OpenSSL, though.

Well, that would be all of those, I believe.

> Other than that, it's the responsibility of the maintainer of these
> packages to do that.

Are they aware that this needs to be done? This is a fairly serious security
hole, especially in the case of openssh.

----------------------------------------------------------------------------
Kim Scarborough                                  Web Systems Administrator
University of Chicago/NSIT                       (773) 834-7740
----------------------------------------------------------------------------
Now listening to: Charlie 'Bozo' Nickerson - "What's the Matter Now? Part 2"
----------------------------------------------------------------------------




--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -