X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:reply-to:from:to:date:message-id:subject :sender; q=dns; s=default; b=Dgn+JIUgoQPHNBr+wpox6WwhVZ5kl6PXgm7 2HV9hGZmplWEhsaOaJIL6V5kHApO8zztMmszr3KWDdtkGRn8PD4uTxH9XaFjNPIq kGmm16CmxquSmV8aR9plsuPACkmFKUTMaFWV0DTlnIOc+WNtSA71mQi1Uapj5iHJ U2kXwFFs= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:reply-to:from:to:date:message-id:subject :sender; s=default; bh=Sb0Ax5lC/V2BrHXqc5WLhbQM70w=; b=JBstCzC93 P5aZ8bhTgXWOf3W0l0kTCBuzDaXf/gv+emJjbvaL47ENoG3Y9PtTV8zc23fRR6Yl BAtf29plEOzl1HewlE3qbqoVTVe12I/XYWfvb85Xp8Vd0rQlrytOKQSPLHiu19B8 ODmcVKssjWV8pIAfs1C74p6YaB4V/HyT1w= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-2.4 required=5.0 tests=ALL_TRUSTED,BAYES_00,KAM_NUMSUBJECT autolearn=no version=3.3.1 spammy=ANNOUNCEMENT, transparent, H*MI:cygwin, structures X-HELO: localhost.localdomain Reply-To: cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none From: Yaakov Selkowitz To: cygwin AT cygwin DOT com Date: Sun, 17 Mar 2019 20:30:38 -0400 Message-Id: Subject: [ANNOUNCEMENT] openssl 1.1.1b-1 Sender: qmail alias The following packages have been uploaded to the Cygwin distribution: * openssl-1.1.1b-1 * openssl-perl-1.1.1b-1 * libssl1.1-1.1.1b-1 * libssl-devel-1.1.1b-1 * libssl1.0-1.0.2r-2 * libssl1.0-devel-1.0.2r-2 The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. This is a major update to the latest upstream release, which includes the following changes: * 1.1 changes the API to make data structures opaque to applications. By now, most active projects have updated their code for 1.1 compatibility, which is why we waited until now to switch to the 1.1 branch. If you have code that still needs to be ported, the following may be of help: https://wiki.openssl.org/index.php/OpenSSL_1.1.0_Changes * Most of Fedora's patchset has been applied. * The /usr/ssl directory has been replaced by /etc/pki/tls. In that directory, there are two separate config files, openssl.cnf for 1.1 and openssl10.conf for 1.0. * Due to this change, ca-certificates 2.26 is required. * Support for system crypto policies has been enabled. * The upstream location of engines has changed for 1.1, and 1.0 has moved for consistency. This should be mostly transparent, except for users which have built their own engines, which should now be rebuilt anyway. * The 1.0 library is still provided for binary compatibility with existing packages. * For those (hopefully rare) packages which are not compatible with 1.1 and for which such a patch cannot be found, a -devel package for 1.0 is also available. In order to use it, when pkg-config is used to find openssl, you must add /usr/lib/openssl-1.0/lib/pkgconfig to PKG_CONFIG_PATH, otherwise you must add /usr/lib/openssl-1.0/include to your includepath and /usr/lib/openssl-1.0/lib to your libpath. (The exact method will depend on the package.) However, please note that 1.0 will only be supported with security fixes for the remainder of the calendar year, so now is the time to rebuild your code and packages with, or port them to, 1.1. -- Yaakov -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple