Mailing-List: contact cygwin-announce-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-announce-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin-announce/>
List-Post: <mailto:cygwin-announce AT cygwin DOT com>
List-Help: <mailto:cygwin-announce-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-announce-owner AT cygwin DOT com
Delivered-To: mailing list cygwin-announce AT cygwin DOT com
Delivered-To: moderator for cygwin-announce AT cygwin DOT com
Date: Fri, 11 Apr 2003 13:15:44 +0200
From: Corinna Vinschen <vinschen AT redhat DOT com>
To: cygann <cygwin-announce AT cygwin DOT com>
Subject: Updated: openssl-0.9.7b-1, openssl-devel-0.9.7b-1
Message-ID: <20030411111544.GA8203@cygbert.vinschen.de>
Reply-To: cygwin <cygwin AT cygwin DOT com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4.1i

I've updated the version of OpenSSL to 0.9.7b-1.  This also includes the
openssl-devel package.

This is a bugfix and security update.

The Cygwin version matches the official source tree.

The official release announcement text as of today follows:

  OpenSSL version 0.9.7b and 0.9.6j released
  ==========================================

  OpenSSL - The Open Source toolkit for SSL/TLS
  http://www.openssl.org/

  The OpenSSL project team is pleased to announce the release of
  version 0.9.7b of our open source toolkit for SSL/TLS.  This new
  OpenSSL version is a security and bugfix release and incorporates
  at least 7 changes and bugfixes to the toolkit (for a complete list
  see http://www.openssl.org/source/exp/CHANGES.

  We also release 0.9.6j, which contains the same security bugfix as
  0.9.7b and a few more small bugfixes compared to 0.9.6i.

  The most significant changes are:

    o Security: counter the Klima-Pokorny-Rosa extension of
      Bleichbacher's attack                                   [0.9.7b & 0.9.6j]
    o Security: make RSA blinding default.                    [0.9.7b & 0.9.6j]
    o Configuration: Irix fixes, AIX fixes, better mingw support.      [0.9.7b]
    o Support for new platforms: linux-ia64-ecc.                       [0.9.7b]
    o Build: shared library support fixes.                    [0.9.7b & 0.9.6j]
    o ASN.1: treat domainComponent correctly.                          [0.9.7b] 
    o Documentation: fixes and additions.                              [0.9.7b]

  We consider OpenSSL 0.9.7b to be the best version of OpenSSL available
  and we strongly recommend that users of older versions upgrade as
  soon as possible.  OpenSSL 0.9.7b is available for download via HTTP
  and FTP from the following master locations (you can find the various
  FTP mirrors under http://www.openssl.org/source/mirror.html):

    o http://www.openssl.org/source/
    o ftp://ftp.openssl.org/source/

  For those who want or have to stay with the 0.9.6 series of OpenSSL,
  we strongly recommend that you upgrade to OpenSSL 0.9.6j as soon as
  possible.  It's available in the same location as 0.9.7b.


To update your installation, click on the "Install Cygwin now" link on
the http://cygwin.com/ web page.  This downloads setup.exe to your
system.  Once you've downloaded setup.exe, run it and select "Net"
("Devel" for the openssl-devel package) and then click on the appropriate
field until the above announced version number appears if it is not
displayed already.

If you have questions or comments, please send them to the Cygwin
mailing list at: cygwin AT cygwin DOT com .  I would appreciate it if you would
use this mailing list rather than emailing me directly.  This includes
ideas and comments about the setup utility or Cygwin in general.

If you want to make a point or ask a question, the Cygwin mailing list
is the appropriate place.

              *** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO ***

If you want to unsubscribe from the cygwin-announce mailing list, look
at the "List-Unsubscribe: " tag in the email header of this message.
Send email to the address specified there.  It will be in the format:

cygwin-announce-unsubscribe-you=yourdomain DOT com AT cygwin DOT com

If you need more information on unsubscribing, start reading here:

http://sources.redhat.com/lists.html#unsubscribe-simple

Please read *all* of the information on unsubscribing that is available
starting at this URL.

I implore you to READ this information before sending email about how
you "tried everything" to unsubscribe.  In 100% of the cases where
people were unable to unsubscribe, the problem was that they hadn't
actually read and comprehended the unsubscribe instructions.

If you need to unsubscribe from cygwin-announce or any other mailing
list, reading the instructions at the above URL is guaranteed to
provide you with the info that you need.

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin AT cygwin DOT com
Red Hat, Inc.