From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost.localdomain (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id C0BE33850237 for ; Tue, 6 Sep 2022 17:42:50 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org B2293385355A Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=nexgo.de Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=nexgo.de DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nexgo.de; s=vfde-smtpout-mb-15sep; t=1662486162; bh=iGdK/SoeE/Et3gbIeAzBLDfPeScJ/w9iYtefFY0NOrQ=; h=From:To:Subject:Date:Message-ID:User-Agent:Content-Type:From; b=DaWzFF2wxzDPiO0cHtdYQUuHnzByajEEe1nbjltJcg5XGdlpKV96qNKAuhDF9xtOG wbdtf4MyCsN4NjJnlRYQVqGQKC8FYRI7LGxy3ikZZyynS+U4/UlxbOJRsuoqG8llff nDvIa/9jMwyG0I+Msa1pptpHz8I6ZS36U5kXvRlE= From: Achim Gratz To: cygwin@cygwin.com Subject: [ANNOUNCEMENT] Re-Release: ca-certificates-2022.2.54-3 Date: Tue, 06 Sep 2022 19:42:34 +0200 Message-Id: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-purgate-type: clean X-purgate: clean X-purgate-size: 2139 X-purgate-ID: 155817::1662486161-4FFA64D1-3FB0C804/0/0 X-Spam-Status: No, score=-3030.9 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, KAM_NUMSUBJECT, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: cygwin-announce@cygwin.com X-Mailman-Version: 2.1.29 Errors-To: cygwin-announce-bounces+cygwin-announce-resender=cygwin.com@cygwin.com Reply-To: cygwin@cygwin.com X-Mailer: Perl5 Mail::Internet v2.20 Sender: Kernel Overflow User List-Id: The following packages have been uploaded to the Cygwin distribution: ca-certificates-2022.2.54-3 ca-certificates-letsencrypt-2022.2.54-3 This re-release fixes an upstream and a packaging bug that arises because p11kit makes certain directories unwritable after population. This becomes noticeable only when the user invoking those scripts is not an administrator (or more specifically on Windows doesn't have SeBackupPrivilege and SeRestorePrivilege). Please note that the fix temporarily needs to make the directory writable, which will again fail if the user attempting to do that has insufficient rights for this operation. Mozilla's CA root certificates for use with OpenSSL, NSS, GnuTLS, and other software that handles certificate verification. This is an update to the latest upstream release. This update contains the ca-certificates-letsencrypt package, whose installation will make the ISRG R3 intermediate CA a trust anchor and removes trust for the already expired DST X3 root CA (this should strictly not be necessary, but works around bugs present in some libraries in how alternate chains are constructed and verified). This will allow to successfully verify certificates using the Letsencrypt legacy cert chain in certain applications. Install this package when you currently have trouble accessing sites (due to validation complaining about an expired certificate) that had no problems until about September 30 or October 1 2021 depending on your timezone. The release numbering scheme has been aligned with Fedora. -- *** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO *** If you want to unsubscribe from the cygwin-announce mailing list, look at the "List-Unsubscribe: " tag in the email header of this message. Send email to the address specified there. It will be in the format: cygwin-announce-unsubscribe-you=yourdomain.com@cygwin.com If you need more information on unsubscribing, start reading here: http://sourceware.org/lists.html#unsubscribe-simple Please read *all* of the information on unsubscribing that is available starting at this URL.