[SECURITY] tiff, libpng
Corinna Vinschen
corinna-cygwin@cygwin.com
Tue Aug 14 20:06:00 GMT 2012
Chuck?
Ping 2?
If you don't reply I guess we have to assume you're not with us
anymore. Which would be too bad.
On Aug 3 09:58, Corinna Vinschen wrote:
> Chuck?
>
> Ping? Are you still with us?
>
> On Jul 23 16:48, Yaakov (Cygwin/X) wrote:
> > Chuck,
> >
> > Security vulnerabilities are accumulating for the tiff package
> > (CVE-2011-0192, CVE-2011-1167, CVE-2012-1173, CVE-2012-2088,
> > CVE-2012-2113, CVE-2012-3401). This can be fixed by updating to
> > 3.9.6 and applying the four patches found here:
> >
> > http://pkgs.fedoraproject.org/gitweb/?p=libtiff.git;a=tree;h=refs/heads/f17;hb=f17
> >
> > There are also security vulnerabilities in the libpng packages
> > (CVE-2011-3026, CVE-2011-3048, and now CVE-2012-3386). These need
> > to be updated to the latest 1.4.12, 1.2.50, and 1.0.60 releases.
> >
> > PLEASE update these packages ASAP.
> >
> >
> > Yaakov
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat
More information about the Cygwin-apps
mailing list