This is the mail archive of the
mailing list for the Cygwin project.
Re: SSH / SSL vulnerable?
- From: Brian Dessent <brian at dessent dot net>
- To: unsolicited <unsolicited at swiz dot ca>
- Cc: cygwin at cygwin dot com
- Date: Fri, 16 May 2008 17:35:02 -0700
- Subject: Re: SSH / SSL vulnerable?
- References: <482DD839.firstname.lastname@example.org>
- Reply-to: cygwin at cygwin dot com
> Is cygwin's ssh / ssl vulnerable, as per the recent debian / buntu's
> security alert?
The openssl problem was caused by a Debian local patch that was
installed to quell valgrind warnings. Valgrind supports only
linux+glibc, so there would be no reason to apply such a patch to a
Cygwin openssl, which is built OOTB from upstream sources with no
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html