cygwin1.dll up to 1.5.22 overflow
Corinna Vinschen
corinna-cygwin@cygwin.com
Thu Nov 8 11:48:00 GMT 2007
On Nov 8 12:23, Daniel Fdez. Bleda wrote:
> Dear Cygwin developers,
>
> One members of our team discovered a serious vulnerability, not
> published and docummented in Cygwin up to 1.5.22. It seam to be
> corrected in recent versions but we don't know if collateral to other
> correction or directly patched.
>
> As the cygwin site is absolutely unclear about where send bugs, but is
> absolutely clear what not to send I wonder where I should send this info.
The cygwin AT cygwin DOT com mailing list is the right place, as described
on http://cygwin.com/lists.html.
> ____________________________________
> Este mensaje y los documentos que, en su caso lleve anexos, pueden
> [etc...]
Plese refrain from sending this sort of disclaimers to mailing lists,
as described on http://sourceware.org/lists.html.
Thanks,
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat
More information about the Cygwin-developers
mailing list