This is the mail archive of the cygwin-apps mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

SECURITY: file


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

A buffer underflow vulnerability has been reported in file allowing for
the user-assisted execution of arbitrary code.

Solution: bump to >=4.20 (current is 4.19).

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
http://security.gentoo.org/glsa/glsa-200703-26.xml


Yaakov

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGDysqpiWmPGlmQSMRCNOFAJ9r00Wbttpdkj+8Ie6bNq0m/IRKcgCeMRsr
fyJ/TNEpt9TvmHspBZuiIEQ=
=AJ02
-----END PGP SIGNATURE-----


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]