Mail Archives: cygwin/2005/07/09/01:32:55

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2005/07/09/01:32:55

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Reply-To: cygwin AT cygwin DOT com

Message-Id: <cygwin.42CF5FA6.5040202@cwilson.fastmail.fm>

Date: Sat, 09 Jul 2005 01:24:54 -0400

From: Charles Wilson <cygwin AT cwilson DOT fastmail DOT fm>

User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206)

MIME-Version: 1.0

To: cygwin AT cygwin DOT com

Subject: [ANNOUNCEMENT] Updated: bzip2-1.0.3-1, libbz2_1-1.0.3-1

bzip2 provides the bzip2.exe / bunzip2.exe executables, a 
patent-unencumbered but highly effective compression tool.

CHANGES:

Routine update to upstream version 1.0.3

Addresses security issue CAN-2005-1260 "bzip2 allows remote attackers to 
cause a denial of service (hard drive consumption) via a crafted bzip2 
file that causes an infinite loop (a.k.a "decompression bomb")."

Addresses security issue CAN-2005-0953 "Race condition in bzip2 1.0.2 
and earlier allows local users to modify permissions of arbitrary files 
via a hard link attack on a file while it is being decompressed, whose 
permissions are changed by bzip2 after the decompression is complete."

-- 
Charles Wilson
bzip2 volunteer maintainer for cygwin

To update your installation, click on the "Install Cygwin now" link on
the http://cygwin.com/ web page.  This downloads setup.exe to your
system.  Then, run setup and answer all of the questions.

               *** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO ***

If you want to unsubscribe from the cygwin-announce mailing list, look
at the "List-Unsubscribe: " tag in the email header of this message.
Send email to the address specified there.  It will be in the format:

cygwin-announce-unsubscribe-you=yourdomain DOT com AT cygwin DOT com

If you need more information on unsubscribing, start reading here:

http://sources.redhat.com/lists.html#unsubscribe-simple

Please read *all* of the information on unsubscribing that is available
starting at the above URL.






--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Reply-To:	cygwin AT cygwin DOT com
Message-Id:	<cygwin.42CF5FA6.5040202@cwilson.fastmail.fm>
Date:	Sat, 09 Jul 2005 01:24:54 -0400
From:	Charles Wilson <cygwin AT cwilson DOT fastmail DOT fm>
User-Agent:	Mozilla Thunderbird 1.0 (Windows/20041206)
MIME-Version:	1.0
To:	cygwin AT cygwin DOT com
Subject:	[ANNOUNCEMENT] Updated: bzip2-1.0.3-1, libbz2_1-1.0.3-1