This is the mail archive of the cygwin-apps mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: SECURITY: file

From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
To: cygwin-apps at cygwin dot com
Date: Mon, 2 Apr 2007 09:52:27 +0200
Subject: Re: SECURITY: file
References: <460F2B2A.4020504@users.sourceforge.net>
Reply-to: cygwin-apps at cygwin dot com

On Mar 31 22:46, Yaakov (Cygwin Ports) wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> A buffer underflow vulnerability has been reported in file allowing for
> the user-assisted execution of arbitrary code.
> 
> Solution: bump to >=4.20 (current is 4.19).
> 
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
> http://security.gentoo.org/glsa/glsa-200703-26.xml

Thanks, I uploaded the new release.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

References:
- SECURITY: file
  - From: Yaakov (Cygwin Ports)

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]