Major Git vulnerability announced; when can we expect an update to the Cygwin git package?

Richard Mehlinger rmehlinger@gmail.com
Thu Dec 18 23:51:00 GMT 2014


Git has announced a major vulnerability, allowing attackers to set up
a malicious git repository that can be used to take over a client
computer: https://github.com/blog/1938-vulnerability-announced-update-your-git-clients.
Maintenance releases are already out for current Git versions.

My question is: When can we expect an update to the Cygwin git package
to address these concerns?

Cheers,
Richard

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple



More information about the Cygwin mailing list