This is the mail archive of the cygwin-developers mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: 64 bit HEADSUP: Restart of *everything* today


On Thu, Mar 7, 2013 at 9:39 AM, Teemu Nätkinniemi <tnatkinn@gmail.com> wrote:
> I added working *shared* Perl 5.16.2. Recent improvements to Cygwin64 made
> this version possible. I also added Autoconf 2.69 and Automake 1.13.1 and
> removed the old versions.
> https://sourceforge.net/projects/cyg64files/files/perl-5.16.2-3.x86_64.tar.xz/download

Hi Teemu,

Great.
But I'm, not quite happy with 5.16 being released on cygwin. First
there is a new 5.14.4
and 5.16.3 which do fix most security issues, but secondly 5.16 itself
is so inherently
insecure, that I warned packagers not to distribute it at all. And did
choose to not
fully disclosure the issues publicly since it affects a lot of people.

It's not that cygwin is such a secure platform that it makes a
difference, but still, as I
as maintainer am the one who found all those bugs and p5p is still in
denial of the more
important issues (they fixed some minor ones, apperently just to avoid
trouble), it would
be nice to release 5.14.4 instead. 5.14.4 can be highly recommended.

PS: The author of the problems confirmed my issues with 5.16, and there slowly
coming some momentum to fix it for 5.18.
-- 
Reini Urban
http://cpanel.net/   http://www.perl-compiler.org/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]