This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [ANNOUNCEMENT] Updated: perl-5.22.1-2

From: Tony Cook <tony at develop-help dot com>
To: cygwin at cygwin dot com
Date: Thu, 10 Mar 2016 10:43:25 +1100
Subject: Re: [ANNOUNCEMENT] Updated: perl-5.22.1-2
Authentication-results: sourceware.org; auth=none
References: <announce dot 8760wve0c0 dot fsf at Rainer dot invalid>

On Wed, Mar 09, 2016 at 11:46:39PM +0100, Achim Gratz wrote:
> 
> A new release of Perl version 5.22.1 is available, which fixes two cases
> of losing taint.  Immediate update is recommended if either the
> environment or the input to any Perl program can be controlled by an
> untrusted party.

Does this refer to the CVE-2015-8607 and CVE-2016-2381 fixes?

The second is a bit more complex than losing taint.

Tony

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Follow-Ups:
- Re: [ANNOUNCEMENT] Updated: perl-5.22.1-2
  - From: Achim Gratz

References:
- [ANNOUNCEMENT] Updated: perl-5.22.1-2
  - From: Achim Gratz

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]