X-Recipient: archive-cygwin AT delorie DOT com DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org E6825385B513 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com; s=default; t=1676229307; bh=9xf++ZXwc4LZgpSdNVxwZav4lQVWSc49+QlDq6Em50M=; h=To:Subject:Date:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:Cc:From; b=solhKdH/2VqQ0Z3zICkzmCMjiiP1a73NHnURln+hicsD6OCcQGdq/uXJ7lFBuX/Bp W0N/naAfS4fJ2A93svzzRZflnoNJRDV0gk3wkQvPtgI1fGN/N2gqOkP7mgjfOk7yx0 xqebfvzmzv/P8UjyZGUCjrgsdEMUSLxTn1hK+Fdk= X-Original-To: cygwin AT cygwin DOT com Delivered-To: cygwin AT cygwin DOT com DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org E35E83858D1E To: cygwin AT cygwin DOT com Subject: [ANNOUNCEMENT] Re-Release: ca-certificates-2022.2.60-3 Date: Sun, 12 Feb 2023 20:14:11 +0100 Message-Id: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 X-purgate-type: clean X-purgate: clean X-purgate-size: 2141 X-purgate-ID: 155817::1676229261-927FB4F8-AE07C8E9/0/0 X-Spam-Status: No, score=-3031.0 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, KAM_NUMSUBJECT, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: cygwin-announce AT cygwin DOT com X-Mailman-Version: 2.1.29 X-Mailer: Perl5 Mail::Internet v2.20 X-BeenThere: cygwin AT cygwin DOT com List-Id: General Cygwin discussions and problem reports List-Archive: List-Post: List-Help: List-Subscribe: , From: Achim Gratz via Cygwin Reply-To: cygwin AT cygwin DOT com Cc: Achim Gratz Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "Cygwin" The following packages have been uploaded to the Cygwin distribution: ca-certificates-2022.2.60-1 ca-certificates-letsencrypt-2022.2.60-1 This re-release fixes an upstream and a packaging bug that arises because p11kit makes certain directories unwritable after population. This becomes noticeable only when the user invoking those scripts is not an administrator (or more specifically on Windows doesn't have SeBackupPrivilege and SeRestorePrivilege). Please note that the fix temporarily needs to make the directory writable, which will again fail if the user attempting to do that has insufficient rights for this operation. Mozilla's CA root certificates for use with OpenSSL, NSS, GnuTLS, and other software that handles certificate verification. This is an update to the latest upstream release. This update contains the ca-certificates-letsencrypt package, whose installation will make the ISRG R3 intermediate CA a trust anchor and removes trust for the already expired DST X3 root CA (this should strictly not be necessary, but works around bugs present in some libraries in how alternate chains are constructed and verified). This will allow to successfully verify certificates using the Letsencrypt legacy cert chain in certain applications. Install this package when you currently have trouble accessing sites (due to validation complaining about an expired certificate) that had no problems until about September 30 or October 1 2021 depending on your timezone. The release numbering scheme has been aligned with Fedora. -- *** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO *** If you want to unsubscribe from the cygwin-announce mailing list, look at the "List-Unsubscribe: " tag in the email header of this message. Send email to the address specified there. It will be in the format: cygwin-announce-unsubscribe-you=yourdomain DOT com AT cygwin DOT com If you need more information on unsubscribing, start reading here: http://sourceware.org/lists.html#unsubscribe-simple Please read *all* of the information on unsubscribing that is available starting at this URL. -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple