Mail Archives: cygwin/2026/01/22/12:14:38

www.delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2026/01/22/12:14:38

DMARC-Filter: OpenDMARC Filter v1.4.2 delorie.com 60MHEb4x2200471

Authentication-Results: delorie.com; dmarc=pass (p=none dis=none) header.from=cygwin.com

Authentication-Results: delorie.com; spf=pass smtp.mailfrom=cygwin.com

DKIM-Filter: OpenDKIM Filter v2.11.0 delorie.com 60MHEb4x2200471

Authentication-Results: delorie.com;

dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=BYq+AgTX

X-Recipient: archive-cygwin AT delorie DOT com

DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 856AA4BC895F

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;

s=default; t=1769102076;

bh=0e9oiH1qqMoOT87FLMBJOtld/XAG5wD4sv4vIhV7FDI=;

h=Date:Subject:To:References:In-Reply-To:List-Id:List-Unsubscribe:

List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:

From;

b=BYq+AgTXq5gK2JmCNkZvjloaWL7kgl2fKBSy7B+tAosrH0kh5aMQ6G6f2upap0Jad

tj+7JJwM6oZQvtGEcuxZOqNhe5XzeBwqc3oHUed1FKmYmFh6oKSNG5snTiJBtkYFg+

Aqb9jdJIXjCOpgufB9qEw5J8mBNv1ayVCvbrNm7M=

X-Original-To: cygwin AT cygwin DOT com

Delivered-To: cygwin AT cygwin DOT com

DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 74DD24BA2E2E

ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 74DD24BA2E2E

ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1769102027; cv=none;

b=LIOeGR9g8dp8JnYpEdZH0gr0whzg7/XO+EadTcF/i2OfrEx7tYxykhtIC/EQkfBPP8X4rYhsIwk0sSXDKa1RY9CM2mRc5Zrcr8iz9JjQuuG+8xy+mMd2FIyVZOT7UPfwCzTMpMUJ1Rmk5EA4FMAi/3E2yQDj3iJSGSRzq9hhhLg=

ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;

t=1769102027; c=relaxed/simple;

bh=5exvzJIp/BAySRQdAaHEXYC6sVY2j3tN3o0Wjka3KqQ=;

h=DKIM-Signature:Message-ID:Date:MIME-Version:Subject:To:From;

b=Z8FXhD90gooocFO0BJMUVF6sfYHpmSeWStCGK3oxzTcbaEi/9n+LEu0+DM5G1M5zW5Pt4L8hy0/GJwq8lFXcMsD5DdUKj+ORpLwNY1Am1o01RvEOr9U1gAHl9AWfm2FbpNCu1OLM2jSl8XfNcTwHsMd+TLes3ORO+o/Nf2pnK7s=

ARC-Authentication-Results: i=1; server2.sourceware.org

DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 74DD24BA2E2E

X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;

d=1e100.net; s=20230601; t=1769102026; x=1769706826;

h=content-transfer-encoding:in-reply-to:from:references:to

:content-language:subject:user-agent:mime-version:date:message-id

:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id

:reply-to;

bh=bdYG/TX7yZvW2NLyCDIhULfHWVKdq+Xs9CoDSZa1cMo=;

b=bs94rg+KJE0VGCM+mv5YdghTJh61E8YRJu2tHU8fmgeinKC51NtHJ23fitdBKkeFWa

ugRrLcl9yXiiR5dWvxeDujycwPS9nPT3I8iFq98MjefMU7eBEM2+dMeNCG9BWQ8hxhc0

4oLA/STigVmfX1/AAMRhFR39CclJf165k2cQPEn8EgKIwnh4I4vwmDIj6EKCj7XSMIKJ

Y6TH9kJ4NXxh2y45h8uopKeB3ZUIzP7NTFbjKeaNBEp1Cyq0aeM2ztFbiX3N5s7Rk3WL

QZv9AJswW6MMnaj4BJpa24x6JZaW5u7isJt3lAhZttAscTBFVscu8tQbYycJidRfPecS

E4EA==

X-Gm-Message-State: AOJu0YxcNqRLbmN3HWZE8Lvbl9JBFw+0KYdK2rk3mHFM6G/n5BHYR2/C

sZNaf4B7AKB2iZG8+8BEBrKfx8eGwxRiYoa6GMI4uGuEWOI2V3RmiuiwFKu2nw==

X-Gm-Gg: AZuq6aKY1TddNYHpuI/fc6/DoVRSF5vW93gzyLnbDpoCZPjh79WIDnP0ezCD6iokt5Z

J0/q2iiRrlZHDQqaCqB6AMOugkPiYuTl6kmnH4ozjXbdgf6QMIwu02X9wsJDcqJnVGIUQg8errs

jFtaTt9pp5TJo4rMw8dx/ImjxaHKxE4rVIs8H1a/JN+9vGvOBQjQEOMyKCGaPa0h/44dPt0kc8/

7nDPqPms4XteKRyh3/A84V/n5NX2qxq71NnlrPdGgU+lnGZLh1KPscyFUL9qFUSr6wOrgVXgVaZ

SKlke1Clwh0418n9vx2xW+VseCJ4XOgGUkE2GJKfHj/SV6OtF+y9V0Bq/dnuS0TU9zIZAeNgDi8

t1S1pNyBwfTdqtYn3eMm3sj9pNQuwyL3278TaGMdSLIrpfu3Q6MZgxkJaJexTFlt5jziydGB3Ln

VNLhLJBj46hYwaJ/aMf3nCMoXBIbbvMNTRRhQNzCRAjBX+ROjgbWYyNUSj0GhE0lvtzswm

X-Received: by 2002:a05:6000:288c:b0:430:fd60:93fb with SMTP id

ffacd0b85a97d-435b160378dmr421516f8f.32.1769102026265;

Thu, 22 Jan 2026 09:13:46 -0800 (PST)

Message-ID: <6040d6ad-9d19-4f1b-9a0b-f8b379175830@gmail.com>

Date: Thu, 22 Jan 2026 18:13:45 +0100

MIME-Version: 1.0

User-Agent: Mozilla Thunderbird

Subject: Re: CVE-2025-13151 and Cygwin package libtasn1_6

To: cygwin AT cygwin DOT com

References: <BN9P111MB2434F33C607CDE0AB042906EB097A AT BN9P111MB2434 DOT NAMP111 DOT PROD DOT OUTLOOK DOT COM>

In-Reply-To: <BN9P111MB2434F33C607CDE0AB042906EB097A@BN9P111MB2434.NAMP111.PROD.OUTLOOK.COM>

X-BeenThere: cygwin AT cygwin DOT com

X-Mailman-Version: 2.1.30

List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>

List-Archive: <https://cygwin.com/pipermail/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>

List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,

<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>

From: Marco Atzeri via Cygwin <cygwin AT cygwin DOT com>

Reply-To: Marco Atzeri <marco DOT atzeri AT gmail DOT com>

Sender: "Cygwin" <cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com>

On 22/01/2026 17:50, FOPPE, JEFFREY B CIV USAF AFMC AFLCMC/WFRQ via 
Cygwin wrote:
> CVE-2025-13151 points out a vulnerability in libtasn1 versions 4.20 and earlier.  The version provided through Cygwin is much earlier.  It doesn't look like this package has been updated since 2019 and is listed as Orphaned.  A lot of other packages seem to depend on it.  Does anyone know if a developer will look at updating this?
> 
> 
> Jeff Foppe
> 
> 
Looking on it

Regards
Marco


-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

DMARC-Filter:	OpenDMARC Filter v1.4.2 delorie.com 60MHEb4x2200471
Authentication-Results:	delorie.com; dmarc=pass (p=none dis=none) header.from=cygwin.com
Authentication-Results:	delorie.com; spf=pass smtp.mailfrom=cygwin.com
DKIM-Filter:	OpenDKIM Filter v2.11.0 delorie.com 60MHEb4x2200471
Authentication-Results:	delorie.com;
	dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=BYq+AgTX
X-Recipient:	archive-cygwin AT delorie DOT com
DKIM-Filter:	OpenDKIM Filter v2.11.0 sourceware.org 856AA4BC895F
DKIM-Signature:	v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1769102076;
	bh=0e9oiH1qqMoOT87FLMBJOtld/XAG5wD4sv4vIhV7FDI=;
	h=Date:Subject:To:References:In-Reply-To:List-Id:List-Unsubscribe:
	List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:
	From;
	b=BYq+AgTXq5gK2JmCNkZvjloaWL7kgl2fKBSy7B+tAosrH0kh5aMQ6G6f2upap0Jad
	tj+7JJwM6oZQvtGEcuxZOqNhe5XzeBwqc3oHUed1FKmYmFh6oKSNG5snTiJBtkYFg+
	Aqb9jdJIXjCOpgufB9qEw5J8mBNv1ayVCvbrNm7M=
X-Original-To:	cygwin AT cygwin DOT com
Delivered-To:	cygwin AT cygwin DOT com
DMARC-Filter:	OpenDMARC Filter v1.4.2 sourceware.org 74DD24BA2E2E
ARC-Filter:	OpenARC Filter v1.0.0 sourceware.org 74DD24BA2E2E
ARC-Seal:	i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1769102027; cv=none;
	b=LIOeGR9g8dp8JnYpEdZH0gr0whzg7/XO+EadTcF/i2OfrEx7tYxykhtIC/EQkfBPP8X4rYhsIwk0sSXDKa1RY9CM2mRc5Zrcr8iz9JjQuuG+8xy+mMd2FIyVZOT7UPfwCzTMpMUJ1Rmk5EA4FMAi/3E2yQDj3iJSGSRzq9hhhLg=
ARC-Message-Signature:	i=1; a=rsa-sha256; d=sourceware.org; s=key;
	t=1769102027; c=relaxed/simple;
	bh=5exvzJIp/BAySRQdAaHEXYC6sVY2j3tN3o0Wjka3KqQ=;
	h=DKIM-Signature:Message-ID:Date:MIME-Version:Subject:To:From;
	b=Z8FXhD90gooocFO0BJMUVF6sfYHpmSeWStCGK3oxzTcbaEi/9n+LEu0+DM5G1M5zW5Pt4L8hy0/GJwq8lFXcMsD5DdUKj+ORpLwNY1Am1o01RvEOr9U1gAHl9AWfm2FbpNCu1OLM2jSl8XfNcTwHsMd+TLes3ORO+o/Nf2pnK7s=
ARC-Authentication-Results:	i=1; server2.sourceware.org
DKIM-Filter:	OpenDKIM Filter v2.11.0 sourceware.org 74DD24BA2E2E
X-Google-DKIM-Signature:	v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20230601; t=1769102026; x=1769706826;
	h=content-transfer-encoding:in-reply-to:from:references:to
	:content-language:subject:user-agent:mime-version:date:message-id
	:x-gm-gg:x-gm-message-state:from:to:cc:subject:date:message-id
	:reply-to;
	bh=bdYG/TX7yZvW2NLyCDIhULfHWVKdq+Xs9CoDSZa1cMo=;
	b=bs94rg+KJE0VGCM+mv5YdghTJh61E8YRJu2tHU8fmgeinKC51NtHJ23fitdBKkeFWa
	ugRrLcl9yXiiR5dWvxeDujycwPS9nPT3I8iFq98MjefMU7eBEM2+dMeNCG9BWQ8hxhc0
	4oLA/STigVmfX1/AAMRhFR39CclJf165k2cQPEn8EgKIwnh4I4vwmDIj6EKCj7XSMIKJ
	Y6TH9kJ4NXxh2y45h8uopKeB3ZUIzP7NTFbjKeaNBEp1Cyq0aeM2ztFbiX3N5s7Rk3WL
	QZv9AJswW6MMnaj4BJpa24x6JZaW5u7isJt3lAhZttAscTBFVscu8tQbYycJidRfPecS
	E4EA==
X-Gm-Message-State:	AOJu0YxcNqRLbmN3HWZE8Lvbl9JBFw+0KYdK2rk3mHFM6G/n5BHYR2/C
	sZNaf4B7AKB2iZG8+8BEBrKfx8eGwxRiYoa6GMI4uGuEWOI2V3RmiuiwFKu2nw==
X-Gm-Gg:	AZuq6aKY1TddNYHpuI/fc6/DoVRSF5vW93gzyLnbDpoCZPjh79WIDnP0ezCD6iokt5Z
	J0/q2iiRrlZHDQqaCqB6AMOugkPiYuTl6kmnH4ozjXbdgf6QMIwu02X9wsJDcqJnVGIUQg8errs
	jFtaTt9pp5TJo4rMw8dx/ImjxaHKxE4rVIs8H1a/JN+9vGvOBQjQEOMyKCGaPa0h/44dPt0kc8/
	7nDPqPms4XteKRyh3/A84V/n5NX2qxq71NnlrPdGgU+lnGZLh1KPscyFUL9qFUSr6wOrgVXgVaZ
	SKlke1Clwh0418n9vx2xW+VseCJ4XOgGUkE2GJKfHj/SV6OtF+y9V0Bq/dnuS0TU9zIZAeNgDi8
	t1S1pNyBwfTdqtYn3eMm3sj9pNQuwyL3278TaGMdSLIrpfu3Q6MZgxkJaJexTFlt5jziydGB3Ln
	VNLhLJBj46hYwaJ/aMf3nCMoXBIbbvMNTRRhQNzCRAjBX+ROjgbWYyNUSj0GhE0lvtzswm
X-Received:	by 2002:a05:6000:288c:b0:430:fd60:93fb with SMTP id
	ffacd0b85a97d-435b160378dmr421516f8f.32.1769102026265;
	Thu, 22 Jan 2026 09:13:46 -0800 (PST)
Message-ID:	<6040d6ad-9d19-4f1b-9a0b-f8b379175830@gmail.com>
Date:	Thu, 22 Jan 2026 18:13:45 +0100
MIME-Version:	1.0
User-Agent:	Mozilla Thunderbird
Subject:	Re: CVE-2025-13151 and Cygwin package libtasn1_6
To:	cygwin AT cygwin DOT com
References:	<BN9P111MB2434F33C607CDE0AB042906EB097A AT BN9P111MB2434 DOT NAMP111 DOT PROD DOT OUTLOOK DOT COM>
In-Reply-To:	<BN9P111MB2434F33C607CDE0AB042906EB097A@BN9P111MB2434.NAMP111.PROD.OUTLOOK.COM>
X-BeenThere:	cygwin AT cygwin DOT com
X-Mailman-Version:	2.1.30
List-Id:	General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Archive:	<https://cygwin.com/pipermail/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe:	<https://cygwin.com/mailman/listinfo/cygwin>,
	<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From:	Marco Atzeri via Cygwin <cygwin AT cygwin DOT com>
Reply-To:	Marco Atzeri <marco DOT atzeri AT gmail DOT com>
Sender:	"Cygwin" <cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com>