[Octave-bug-tracker] [bug #63876] [MXE Octave] OpenSSL vulnerability

[Markus Mützel]

Follow-up Comment #6, bug #63876 (project octave):

Windows can be a bit tricky at times when it comes to mixing libraries from
different toolchains and different run-time environments.
Octave for Windows is built with a MinGW toolchain linking against MSVCRT.
IIUC, modern MSVC links against UCRT.

The binaries in usr/bin are from MSYS2. If you replace a binary in that
folder, you should probably use one that is a Cygwin binary (linking to the
same Cygwin heap from MSYS2).
If you update with the version from MSYS2 (not any of the native binaries that
they also distribute), it would probably work.

I haven't tested that. But maybe it would update with the following commands
in the cmdshell:

pacman -Sy
pacman -S openssl


(Don't run `pacman -Su` because that would likely mess up the binaries in the
"mingw64" folder...)


    _______________________________________________________

Reply to this item at:

  <https://savannah.gnu.org/bugs/?63876>

_______________________________________________
Message sent via Savannah
https://savannah.gnu.org/