SECURITY: [ GLSA 200706-09 ] libexif: Buffer overflow

Yaakov (Cygwin Ports) yselkowitz@users.sourceforge.net
Fri Jul 27 00:57:00 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Christopher Faylor wrote:
> FWIW, libpopt0 was, the last time I checked, linked to rpm and rpm had
> become particularly hard to port to cygwin, also the last time I
> checked.

I'm not sure what you mean by "linked" to rpm.  While I'm aware that
popt was originally developed for rpm, it is a separate package used by
many other projects; and while the library (supposedly) hasn't had any
API breakage, surely the functionality has improved over 5+ years.

IOW, upgrading popt should have nothing to do with Cygwin's version of
rpm, although understandably you would want to test that first.


Yaakov

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGqUL+piWmPGlmQSMRCPbfAKDIV5NeT9LF0mvWpRy1RbBmlETGugCfXXlK
fWGHunxNee4p8bWa/al4XJc=
=6qnk
-----END PGP SIGNATURE-----



More information about the Cygwin-apps mailing list