This is the mail archive of the
cygwin
mailing list for the Cygwin project.
bzip2 update please
- From: Reini Urban <rurban at x-ray dot at>
- To: Cygwin List <cygwin at cygwin dot com>
- Cc: cygwin at cwilson dot fastmail dot fm
- Date: Tue, 11 Jan 2011 12:43:23 +0100
- Subject: bzip2 update please
Dear bzip2 maintainer (Charles),
1.0.6 is required against the CVE-2010-0405 decompression attack.
See http://bzip.org/
and http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405
Did Yaakov overlook this? Normally he's the one bugging first.
clamav had a configure check for this.
--
Reini Urban
http://phpwiki.org/ http://murbreak.at/
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple