This is the mail archive of the
cygwin-announce
mailing list for the Cygwin project.
Security update: Git-2.1.4-1
- From: Adam Dinwoodie <adam at dinwoodie dot org>
- To: cygwin-announce at cygwin dot com
- Date: Sat, 10 Jan 2015 23:29:25 +0000
- Subject: Security update: Git-2.1.4-1
- Authentication-results: sourceware.org; auth=none
- Reply-to: The Cygwin Mailing List <cygwin at cygwin dot com>
Version 2.1.4-1 of Git has been uploaded and should be coming soon to a
mirror near you. This is a security update of Git to patch
CVE-2014-9390, which would allow an attacker to create a malicious Git
repository which could run arbitrary code on a computer running an
affected version of Git.
This update includes the following packages:
- git
- git-completion
- git-cvs
- git-debuginfo
- git-email
- git-gui
- gitk
- git-svn
- gitk
For a full list of the upstream changes in this release, please refer to
the upstream changelogs:
https://git.kernel.org/cgit/git/git.git/tree/Documentation/RelNotes
This release also adds font-adobe-dpi75 to the requirement lists for
gitk, as reported by Henri:
https://cygwin.com/ml/cygwin/2015-01/msg00086.html