| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| X-SWARE-Spam-Status: | No, hits=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 |
| X-Spam-Check-By: | sourceware.org |
| Date: | Wed, 18 Jan 2012 17:29:11 +0100 |
| From: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | [ANNOUNCEMENT] Updated: openssl-0.9.8t-1, openssl-devel-0.9.8t-1, libopenssl098-0.9.8t-1 |
| Message-Id: | <announce.20120118162911.GC23446@calimero.vinschen.de> |
| MIME-Version: | 1.0 |
| User-Agent: | Mutt/1.5.21 (2010-09-15) |
| Reply-To: | cygwin AT cygwin DOT com |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
I've updated the version of OpenSSL to 0.9.8t-1. This is an upstream security release. The Cygwin release is build from the vanilla sources, no additional patches. Here's the official security advisory: ------------------------------------------------------------------------ OpenSSL Security Advisory [18 Jan 2011] ======================================= DTLS DoS attack (CVE-2012-0050) ================================ A flaw in the fix to CVE-2011-4108 can be exploited in a denial of service attack. Only DTLS applications using OpenSSL 1.0.0f and 0.9.8s are affected. Thanks to Antonio Martin, Enterprise Secure Access Research and Development, Cisco Systems, Inc. for discovering this bug and preparing a fix. Affected users should upgrade to OpenSSL 1.0.0g or 0.9.8t. References ========== URL for this Security Advisory: http://www.openssl.org/news/secadv_20120118.txt ------------------------------------------------------------------------ To update your installation, click on the "Install Cygwin now" link on the http://cygwin.com/ web page. This downloads setup.exe to your system. Then, run setup and answer all of the questions. *** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO *** If you want to unsubscribe from the cygwin-announce mailing list, look at the "List-Unsubscribe: " tag in the email header of this message. Send email to the address specified there. It will be in the format: cygwin-announce-unsubscribe-you=yourdomain DOT com AT cygwin DOT com If you need more information on unsubscribing, start reading here: http://sourceware.org/lists.html#unsubscribe-simple Please read *all* of the information on unsubscribing that is available starting at the above URL. -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |