X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:references
	:mime-version:content-type:in-reply-to; q=dns; s=default; b=gHUO
	RPgCMk3scOKIIsvA8uh7GlypBW1cYjwZ6NKcbgz3RtVOE/ReuStlydkkblzEbXgO
	3gmtBOj3AJidh5U+uy712orRP4msyUMXtgZ198N5jHZ3js3GqanwAEWTcElLrTeG
	sMADv7OYcIdBD7Bpn/rquDmThRyJV3eWy2hRMuM=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:references
	:mime-version:content-type:in-reply-to; s=default; bh=J763QBvHmO
	LNVIWQ9XR94We8ANY=; b=s5qYhccWtGepR/R5titRQ6CgDP+l4Y6WlazRYnpdJx
	A2XHuDH1z8xbIOjiB6gdoBZCj/hqoiTVYJ78eQ/5L1wHhzsOmXK0gKjHQ0W+YQ1Y
	wGCuYW2t9ZeeZ+4bA4W7Ufxmo5GDnK14sj/IPeP3h3QGxFMIygGg87yBsb2w4OMZ
	Q=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-0.6 required=5.0 tests=AWL,BAYES_40,RP_MATCHES_RCVD,SPF_PASS autolearn=ham version=3.3.2 spammy=untrusted, taint, Perl, perl52212
X-HELO: mars.tony.develop-help.com
Date: Thu, 10 Mar 2016 10:43:25 +1100
From: Tony Cook <tony AT develop-help DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: [ANNOUNCEMENT] Updated: perl-5.22.1-2
Message-ID: <20160309234325.GI31807@mars.tony.develop-help.com>
References: <announce DOT 8760wve0c0 DOT fsf AT Rainer DOT invalid>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <announce.8760wve0c0.fsf@Rainer.invalid>
User-Agent: Mutt/1.5.23 (2014-03-12)
X-IsSubscribed: yes

On Wed, Mar 09, 2016 at 11:46:39PM +0100, Achim Gratz wrote:
> 
> A new release of Perl version 5.22.1 is available, which fixes two cases
> of losing taint.  Immediate update is recommended if either the
> environment or the input to any Perl program can be controlled by an
> untrusted party.

Does this refer to the CVE-2015-8607 and CVE-2016-2381 fixes?

The second is a bit more complex than losing taint.

Tony

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple