This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
Re: SECURITY: file
- From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
- To: cygwin-apps at cygwin dot com
- Date: Mon, 2 Apr 2007 09:52:27 +0200
- Subject: Re: SECURITY: file
- References: <460F2B2A.4020504@users.sourceforge.net>
- Reply-to: cygwin-apps at cygwin dot com
On Mar 31 22:46, Yaakov (Cygwin Ports) wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> A buffer underflow vulnerability has been reported in file allowing for
> the user-assisted execution of arbitrary code.
>
> Solution: bump to >=4.20 (current is 4.19).
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
> http://security.gentoo.org/glsa/glsa-200703-26.xml
Thanks, I uploaded the new release.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat