Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com From: "Max Bowsher" To: cygwin AT cygwin DOT com Subject: [ANNOUNCEMENT] Updated: neon-0.24.6-1 Reply-To: cygwin AT cygwin DOT com Message-Id: <20040520150339.55FAB400030@timesys.com> Date: Thu, 20 May 2004 11:03:39 -0400 (EDT) Neon has been updated to new upstream version 0.24.6. This is a security bugfix release. There are no security consequences to Cygwin users, however, because no packages using neon have yet been added to the Cygwin net distribution. Upstream announcement: Changes in release 0.24.6: * SECURITY (CVE CAN-2004-0398): Fix sscanf overflow in ne_rfc1036_parse, thanks to Stefan Esser. * Link libneon against libexpat during Subversion build using bundled neon. * Win32 build script update (Jon Foster). Max. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/