This is the mail archive of the cygwin-apps mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: SECURITY: [ GLSA 200706-09 ] libexif: Buffer overflow

On Jul 25 01:42, Yaakov (Cygwin Ports) wrote:
> Corinna Vinschen wrote:
> > Never mind, I just found them.  The directory layout is a bit weird
> > now:
> > 
> >    - exif
> >      - libexif
> >        - libexif12
> >        - libexif-devel
> >      - libexif10
> Yeah, I know, that's how Gerrit set them up; should I move libexif
> immediately under release?

No worries, it's your call.

> > Why are libexif12 and libexif-devel not in the same directory level
> > as libexif10?  Oh, and, do you also take over maintainance of libexif10
> > or is that still an orphaned package?
> libexif10 should be moved to _obsolete, and being that it's also
> affected by the buffer overflow, should be dropped like a hot potato.

I moved libexif10 to _obsolete.

Another question:  The exif package was Gerrit's package, too, and
it's still on version 0.6.9.  Any chance that you could take this one
over as well?


Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]