X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:to:from:subject:date:message-id:references
	:mime-version:content-type:content-transfer-encoding; q=dns; s=
	default; b=jk8TrXOX962Bd0uDw2aJNdGZDblJgh9MMbVBl9UrXKlLCF+GIeRal
	Bd4cPz9/XrIhCLYfJip0cKikQXLvU97h3dJJPJKNNIgsmq0pdIfLzf4HQNe7Cgt3
	iNYTu/dbpvb0cSyVf2R+RH+4XCM3mnoHSffXeSb/JW96OqdLMeHeZ4=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:to:from:subject:date:message-id:references
	:mime-version:content-type:content-transfer-encoding; s=default;
	 bh=mWtD7w8PPCWpzypizFxRiDHtQfw=; b=nZ8hmeYGc3lvOe8iHdJEWkdbBLaF
	6MdPOx0h6DbjqrADcx3VeJfAg/XVsAbHCwKLR8udJOovFpHms8FxgFb28n+KPmW7
	IZeNlG5PacfbJmcNiXUnk1TtK7Ba8HW7bZGYxxhYubwEBU3tzLk8PmNIfOxONLc6
	BZPhCnJGobf5vKg=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=0.2 required=5.0 tests=AWL,BAYES_50,RCVD_IN_DNSWL_NONE,RP_MATCHES_RCVD,SPF_HELO_PASS,SPF_PASS autolearn=ham version=3.3.2
X-HELO: plane.gmane.org
To: cygwin AT cygwin DOT com
From: Andrew Schulman <schulman DOT andrew AT epa DOT gov>
Subject: Re: [ANNOUNCEMENT] [SECURITY] Updated: openssl-1.0.1h-1, libopenssl098-0.9.8za-1
Date: Fri, 06 Jun 2014 11:42:03 -0400
Lines: 19
Message-ID: <58o3p99uet4ovpjrokurvhr41iebne9tuf@4ax.com>
References: <announce DOT 539177E6 DOT 10903 AT cygwin DOT com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Archive: encrypt
X-IsSubscribed: yes

> The following packages have been updated in the Cygwin distribution:
> 
> * openssl-1.0.1h-1
> * libopenssl098-0.9.8za-1 (x86 only)
> * libopenssl100-1.0.1h-1
> * openssl-devel-1.0.1h-1
> 
> The OpenSSL toolkit provides support for secure communications between 
> machines. OpenSSL includes a certificate management tool and shared 
> libraries which provide various cryptographic algorithms and protocols.
> 
> This release includes fixes for several CVEs, including CVE-2014-0224 
> (SSL/TLS man-in-the-middle).  Full details on these fixes are available 
> here:
> 
> https://www.openssl.org/news/secadv_20140605.txt

I don't see any reason here that programs that depend on libopenssl100,
such as stunnel, would need to be rebuit for this update.  Do you?


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple