This is the mail archive of the
cygwin
mailing list for the Cygwin project.
[ANNOUNCEMENT] openssl 1.0.2h-1
- From: Yaakov Selkowitz <yselkowitz at cygwin dot com>
- To: cygwin at cygwin dot com
- Date: Wed, 04 May 2016 12:35:12 -0500
- Subject: [ANNOUNCEMENT] openssl 1.0.2h-1
- Authentication-results: sourceware.org; auth=none
- Authentication-results: sourceware.org; auth=none
- Reply-to: cygwin at cygwin dot com
The following packages have been uploaded to the Cygwin distribution:
* openssl-1.0.2h-1
* openssl-devel-1.0.2h-1
* openssl-perl-1.0.2h-1
* libopenssl100-1.0.2h-1
* mingw64-i686-openssl-1.0.2h-1
* mingw64-x86_64-openssl-1.0.2h-1
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and protocols.
This is an update to the latest upstream release, which includes fixes for
CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109, and CVE-2016-2176:
https://www.openssl.org/news/secadv/20160503.txt
Support for the SSLv2 protocol, which is vulnerable to DROWN, has been
completely removed in this release, while maintaining ABI compatibility
(which was not possible OOTB with 1.0.2g).
--
Yaakov
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple