RHSA-2007:0860-01 Moderate: tar security update
Eric Blake
ebb9@byu.net
Fri Aug 24 12:31:00 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
According to Corinna Vinschen on 8/24/2007 1:56 AM:
> Hi Eric,
>
> does that apply to Cygwin's tar, too?
>
> http://www.linuxcompatible.org/RHSA-20070860-01_Moderate_tar_security_update_p94768.html
Thanks for the heads up. Yes, cygwin is vulnerable, too (although since
cygwin doesn't handle .. quite according to POSIX, the vulnerability is
slightly different). New tar upload coming soon to a mirror near you.
- --
Don't work too hard, make some time for fun as well!
Eric Blake ebb9@byu.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)
Comment: Public key at home.comcast.net/~ericblake/eblake.gpg
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGzs+K84KuGfSFAYARAt0TAJ45dzEv80jEvq6apv98vDbjEi7FMwCaArvV
Jgxnc7wQHF9MFEJeoR184L0=
=FqCW
-----END PGP SIGNATURE-----
More information about the Cygwin-apps
mailing list