Mail Archives: cygwin/2014/12/18/18:51:56

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2014/12/18/18:51:56

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:mime-version:from:date:message-id:subject:to

:content-type; q=dns; s=default; b=b5c1ebl/R2hxMuQj9CZbakcpi9+B0

7bLhMAvxTSXHliLvVU7rP0W4t0RLPLclj1at5FZZzVFOWmS4Cp1llQoAktnQRIRv

tCF9UEQ49SAaAZNELZD3xFSv6OLrMQYibx5h5KqBgJqEhzFAR6itQFEkU2f1iaPh

D80gtFvZKnd7wk=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:mime-version:from:date:message-id:subject:to

:content-type; s=default; bh=quh1zyJnVhpi7WmN/bP0R5GYqfk=; b=f/K

D41MLuzvGPQqFmtyeSWX15VE3p0umnRtvK4X6m1CYk+P0cpDlcQ/gLEJlf0kJDAe

QpDTe2TA4/zQM3GTwSJpN9w7bgfRQiF3vfcNDvvm6wGtOb/Lg7K3qsiL+ytASWhw

b+jgFfzHf7Axafsy9n74nRw3GxehzxPFpEWXN+HA=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Virus-Found: No

X-Spam-SWARE-Status: No, score=0.6 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2

X-HELO: mail-ob0-f179.google.com

X-Received: by 10.182.101.169 with SMTP id fh9mr3116852obb.0.1418946692469; Thu, 18 Dec 2014 15:51:32 -0800 (PST)

MIME-Version: 1.0

From: Richard Mehlinger <rmehlinger AT gmail DOT com>

Date: Thu, 18 Dec 2014 15:50:52 -0800

Message-ID: <CAKL2AYOa3LNYC7xgg_8xUqiej10X47HUB4QQK5xUnJZR7mn_Eg@mail.gmail.com>

Subject: Major Git vulnerability announced; when can we expect an update to the Cygwin git package?

To: cygwin AT cygwin DOT com

Git has announced a major vulnerability, allowing attackers to set up
a malicious git repository that can be used to take over a client
computer: https://github.com/blog/1938-vulnerability-announced-update-your-git-clients.
Maintenance releases are already out for current Git versions.

My question is: When can we expect an update to the Cygwin git package
to address these concerns?

Cheers,
Richard

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:from:date:message-id:subject:to
	:content-type; q=dns; s=default; b=b5c1ebl/R2hxMuQj9CZbakcpi9+B0
	7bLhMAvxTSXHliLvVU7rP0W4t0RLPLclj1at5FZZzVFOWmS4Cp1llQoAktnQRIRv
	tCF9UEQ49SAaAZNELZD3xFSv6OLrMQYibx5h5KqBgJqEhzFAR6itQFEkU2f1iaPh
	D80gtFvZKnd7wk=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:from:date:message-id:subject:to
	:content-type; s=default; bh=quh1zyJnVhpi7WmN/bP0R5GYqfk=; b=f/K
	D41MLuzvGPQqFmtyeSWX15VE3p0umnRtvK4X6m1CYk+P0cpDlcQ/gLEJlf0kJDAe
	QpDTe2TA4/zQM3GTwSJpN9w7bgfRQiF3vfcNDvvm6wGtOb/Lg7K3qsiL+ytASWhw
	b+jgFfzHf7Axafsy9n74nRw3GxehzxPFpEWXN+HA=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=0.6 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2
X-HELO:	mail-ob0-f179.google.com
X-Received:	by 10.182.101.169 with SMTP id fh9mr3116852obb.0.1418946692469; Thu, 18 Dec 2014 15:51:32 -0800 (PST)
MIME-Version:	1.0
From:	Richard Mehlinger <rmehlinger AT gmail DOT com>
Date:	Thu, 18 Dec 2014 15:50:52 -0800
Message-ID:	<CAKL2AYOa3LNYC7xgg_8xUqiej10X47HUB4QQK5xUnJZR7mn_Eg@mail.gmail.com>
Subject:	Major Git vulnerability announced; when can we expect an update to the Cygwin git package?
To:	cygwin AT cygwin DOT com