[ANNOUNCEMENT] Updated: openssl-0.9.6e-1
Kim Scarborough
lists@jinx.unknown.nu
Wed Jul 31 10:33:00 GMT 2002
> > Shouldn't openssh, lynx, wget, etc. be recompiled against the new openssl
> > libs?
>
> According to the security announcement, yes.
>
> This should only apply to apps which are linked statically against
> OpenSSL, though.
Well, that would be all of those, I believe.
> Other than that, it's the responsibility of the maintainer of these
> packages to do that.
Are they aware that this needs to be done? This is a fairly serious security
hole, especially in the case of openssh.
----------------------------------------------------------------------------
Kim Scarborough Web Systems Administrator
University of Chicago/NSIT (773) 834-7740
----------------------------------------------------------------------------
Now listening to: Charlie 'Bozo' Nickerson - "What's the Matter Now? Part 2"
----------------------------------------------------------------------------
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
More information about the Cygwin
mailing list