This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
SECURITY: gnutls
- From: "Yaakov (Cygwin/X)" <yselkowitz at users dot sourceforge dot net>
- To: cygwin-apps <cygwin-apps at cygwin dot com>
- Date: Sun, 16 Oct 2011 13:49:07 -0500
- Subject: SECURITY: gnutls
Dr. Volker Zell,
gnutls 2.8.6 is susceptible to CVE-2009-3555. This has been fixed since
2.10.0, but the current stable releases are 2.12.11 (ABI-compatible with
2.8.6) and 3.0.4 (which breaks ABI compatibility). For now, please
release 2.12.11 ASAP for all the apps currently dependent on
libgnutls26.
Yaakov