This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Major Git vulnerability announced; when can we expect an update to the Cygwin git package?
- From: Richard Mehlinger <rmehlinger at gmail dot com>
- To: cygwin at cygwin dot com
- Date: Thu, 18 Dec 2014 15:50:52 -0800
- Subject: Major Git vulnerability announced; when can we expect an update to the Cygwin git package?
- Authentication-results: sourceware.org; auth=none
Git has announced a major vulnerability, allowing attackers to set up
a malicious git repository that can be used to take over a client
computer: https://github.com/blog/1938-vulnerability-announced-update-your-git-clients.
Maintenance releases are already out for current Git versions.
My question is: When can we expect an update to the Cygwin git package
to address these concerns?
Cheers,
Richard
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple