X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:subject:to:references:cc:from:message-id:date
	:mime-version:in-reply-to:content-type
	:content-transfer-encoding; q=dns; s=default; b=qkmOUiDpSsrkuGEX
	7If5iuFgkM6oRjVvOZ8hbtmhtrf85pa+P5omNqvbEQh+bw/BfiDcZVA5cSzhYOqC
	dJjynLNUCgb1wTGAX1FppbB9CSfDXh9vcf0ZTdB/wHMaqLYtrC538YXTE/D1hETb
	hgG5c2xHNVL+UHTLfDDvv8CYs8E=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:subject:to:references:cc:from:message-id:date
	:mime-version:in-reply-to:content-type
	:content-transfer-encoding; s=default; bh=bu5j3cFe2rnkTKANwbCWjm
	iHcUg=; b=ryRyTgEYXLRdh0PQUyN9RQu8aJJpL0nrDcFkzS3McJWHAYAqcHhmYU
	Ykj4d+CWWcOz0IRxdaIj54IsYPfFnLliEvkIC3KKf11dGiIQtWy3cLZryaKU+tP6
	cGIWS89n0ShLzTJujDiJRYRirOmniYNKOo8c95uAPAgcm5gVypCiI=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=0.6 required=5.0 tests=AWL,BAYES_50,KAM_LAZY_DOMAIN_SECURITY,SPF_HELO_PASS autolearn=no version=3.3.2 spammy=H*Ad:U*yselkowitz, kanthak, Kanthak, H*MI:sk:EF7B618
X-HELO: mx1.redhat.com
Subject: Re: [PWNED/DOSSED] Cygwin's setup-x86.exe loads and executes rogue DLL from its application directory
To: cygwin AT cygwin DOT com
References: <EF7B6182B7C54BBAA5083C40EF14529D AT W340>
Cc: security AT redhat DOT com, stefan DOT kanthak AT nexgo DOT de
From: Yaakov Selkowitz <yselkowitz AT cygwin DOT com>
Message-ID: <569013FE.20506@cygwin.com>
Date: Fri, 8 Jan 2016 13:54:38 -0600
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <EF7B6182B7C54BBAA5083C40EF14529D@W340>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes

On 2016-01-06 08:17, Stefan Kanthak wrote:
[snip]

I am analyzing this and working on a response, which I hope to have 
early next week.

-- 
Yaakov

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple