X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-2.9 required=5.0	tests=ALL_TRUSTED,BAYES_00
X-Spam-Check-By: sourceware.org
X-SWARE-Spam-Status: No, hits=-1.9 required=5.0	tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE
From: Andrew Schulman <schulman DOT andrew AT epamail DOT epa DOT gov>
To: cygwin AT cygwin DOT com
Subject: [ANNOUNCEMENT] [security] Updated: socat 1.7.1.3-1 and 2.0.0b4-1
Date: Mon, 24 Oct 2011 10:34:21 -0400
Message-Id: <announce.hqtaa7lbjojnhskploj12kj5laml6hhn30@4ax.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Reply-To: cygwin AT cygwin DOT com
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id p9OEuH6v031551

Two new versions of socat, 1.7.1.3-1 and 2.0.0b4-1, are now available in the
Cygwin distribution.  

These releases both include a security fix for a stack overflow vulnerability.
Please see the upstream advisory at
http://www.dest-unreach.org/socat/contrib/socat-secadv2.html for details.

All socat users are encouraged to upgrade.  The previous Cygwin releases,
1.7.1.1-1 and 2.0.0b3-1, have been removed from the archive.

socat is a relay for bidirectional data transfer between two independent data
channels. Each of these data channels may be a file, pipe, device (serial line
etc. or a pseudo terminal), a socket (UNIX, IP4, IP6 - raw, UDP, TCP), an SSL
socket, proxy CONNECT connection, a file descriptor (stdin etc.), the GNU line
editor (readline), a program, or a combination of two of these. These modes
include generation of 'listening' sockets, named pipes, and pseudo terminals.
socat can be used, e.g., as TCP port forwarder (one-shot or daemon), as an
external socksifier, for attacking weak firewalls, as a shell interface to UNIX
sockets, IP6 relay, for redirecting TCP oriented programs to a serial line, to
logically connect serial lines on different computers, or to establish a
relatively secure environment (su and chroot) for running client or server shell
scripts with network connections.

Home page: http://www.dest-unreach.org/socat/

Andrew E. Schulman


*******************************************************************


To update your installation, click on the "Install Cygwin now" link on
the http://cygwin.com/ web page.  This downloads setup.exe to your
system.  Then, run setup and answer all of the questions.

              *** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO ***

If you want to unsubscribe from the cygwin-announce mailing list, look
at the "List-Unsubscribe: " tag in the email header of this message.
Send email to the address specified there.  It will be in the format:

cygwin-announce-unsubscribe-you=yourdomain DOT com AT cygwin DOT com  

If you need more information on unsubscribing, start reading here: 

http://cygwin.com/lists.html#unsubscribe-simple

Please read *all* of the information on unsubscribing that is available
starting at this URL.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple