From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 8710 invoked by alias); 16 Oct 2011 18:49:23 -0000 Received: (qmail 8697 invoked by uid 22791); 16 Oct 2011 18:49:22 -0000 X-SWARE-Spam-Status: No, hits=-2.3 required=5.0 tests=AWL,BAYES_00,DKIM_SIGNED,DKIM_VALID,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW X-Spam-Check-By: sourceware.org Received: from mail-vw0-f43.google.com (HELO mail-vw0-f43.google.com) (209.85.212.43) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Sun, 16 Oct 2011 18:49:09 +0000 Received: by vws13 with SMTP id 13so2658567vws.2 for ; Sun, 16 Oct 2011 11:49:08 -0700 (PDT) Received: by 10.52.184.103 with SMTP id et7mr17147670vdc.35.1318790948739; Sun, 16 Oct 2011 11:49:08 -0700 (PDT) Received: from [192.168.0.100] (S0106000cf16f58b1.wp.shawcable.net. [24.79.200.150]) by mx.google.com with ESMTPS id bu10sm14920606vdb.3.2011.10.16.11.49.07 (version=SSLv3 cipher=OTHER); Sun, 16 Oct 2011 11:49:08 -0700 (PDT) Subject: SECURITY: gnutls From: "Yaakov (Cygwin/X)" To: cygwin-apps Date: Sun, 16 Oct 2011 18:49:00 -0000 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit Message-ID: <1318790948.7624.14.camel@YAAKOV04> Mime-Version: 1.0 Mailing-List: contact cygwin-apps-help@cygwin.com; run by ezmlm Precedence: bulk Sender: cygwin-apps-owner@cygwin.com List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Mail-Followup-To: cygwin-apps@cygwin.com X-SW-Source: 2011-10/txt/msg00040.txt.bz2 Dr. Volker Zell, gnutls 2.8.6 is susceptible to CVE-2009-3555. This has been fixed since 2.10.0, but the current stable releases are 2.12.11 (ABI-compatible with 2.8.6) and 3.0.4 (which breaks ABI compatibility). For now, please release 2.12.11 ASAP for all the apps currently dependent on libgnutls26. Yaakov