On 2021-05-28 11:13, Brian Inglis wrote:
openssl/libssl has not been updated since 1.1.f two years ago and now
has four high sev CVEs outstanding in upstream 1.1.1k: two last year,
two this year.
If maintainer is short of time, I may be able to co-maintain?
Successful builds and tests of 1.1.1k x86/_64 with selected patches from
Fedora main and minimal changes from current 1.1.1f and my last 1.1.1h:
https://ci.appveyor.com/project/cygwin/scallywag/builds/39377213
pushed to playground with locally rebased patch for sha256 default
instead of sha1:
https://cygwin.com/git-cygwin-packages/?p=git/cygwin-packages/openssl.git;hb=refs/heads/playground;f=openssl.cygport
--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.
[Data in binary units and prefixes, physical quantities in SI.]
