[SECURITY] perl: CVE-2016-2381
Yaakov Selkowitz
yselkowitz@cygwin.com
Tue Mar 8 18:32:00 GMT 2016
On 2016-03-08 11:59, Achim Gratz wrote:
> Achim Gratz writes:
>> Yaakov Selkowitz writes:
>>> A security vulnerability has been made public for perl:
>>
>> I've asked on p5p what the plan is for another 5.22 release. If that's
>> too far off, I'll just patch 5.22.1, otherwise I'll wait for these
>> patches (there are more fixes on the branch) to be released in 5.22.2.
>
> The answer is that a release will happen "hoepfully before May", so
> unless that shifts even further out I'd be inclined to wait for the
> release.
That's way too long to leave a public vulnerability unpatched. Please
ship a 5.22.1-2 in the meantime.
--
Yaakov
More information about the Cygwin-apps
mailing list