X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:reply-to:message-id:from:to:date:subject; q=
	dns; s=default; b=omTVXlK0/MIbtNJROxcQXWho8r72RuYpGFnL9uzEXcpEWD
	Y6detGRNwq7bwHT8oXMtSioy4n1fDQug6vk8T9xDSe4SSc+VK55v6XScNAosi/V9
	WqAJHj5S0rljXidTeuPnX7nOm019S9sHyiIsKAEtofwBoS45B+Me1GQGeWQf4=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:reply-to:message-id:from:to:date:subject; s=
	default; bh=w/ChLCcCMqcUGlxe9ePFbu6OOw8=; b=YH1WllGRuMykgSSL3Hx2
	v+aptgWIQSFC24EuQT1cbaYnzKKAQHWtYwjhB7WzZd72FwNFaWjxgBEZds1+Zkou
	A8qwHWoR/Tdgmqd5OB0ENb9X5fqOKfEMEhvbxtd6iXV7xMe328esmv2JqIvmUAcw
	+LPixChQNihiShputxYdq7c=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-HELO: localhost.localdomain
Reply-To: cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-0.9 required=5.0 tests=BAYES_00,KAM_LAZY_DOMAIN_SECURITY,SPF_HELO_PASS autolearn=no version=3.3.2 spammy=drown, H*m:prod, H*F:U*yselkowitz, H*MI:int
Message-Id: <announce.201605041759.u44HxfX5021566@int-mx11.intmail.prod.int.phx2.redhat.com>
From: Yaakov Selkowitz <yselkowitz AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Date: Wed, 04 May 2016 12:35:12 -0500
Subject: [ANNOUNCEMENT] openssl 1.0.2h-1
X-IsSubscribed: yes

The following packages have been uploaded to the Cygwin distribution:

* openssl-1.0.2h-1
* openssl-devel-1.0.2h-1
* openssl-perl-1.0.2h-1
* libopenssl100-1.0.2h-1
* mingw64-i686-openssl-1.0.2h-1
* mingw64-x86_64-openssl-1.0.2h-1

The OpenSSL toolkit provides support for secure communications between 
machines. OpenSSL includes a certificate management tool and shared 
libraries which provide various cryptographic algorithms and protocols.

This is an update to the latest upstream release, which includes fixes for 
CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109, and CVE-2016-2176:

https://www.openssl.org/news/secadv/20160503.txt

Support for the SSLv2 protocol, which is vulnerable to DROWN, has been 
completely removed in this release, while maintaining ABI compatibility 
(which was not possible OOTB with 1.0.2g).

--
Yaakov

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple