This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
HEADSUP: pcre security announcement
- From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
- To: cygwin-apps at cygwin dot com
- Cc: Ronald Landheer-Cieslak <blytkerchan at users dot sourceforge dot net>
- Date: Mon, 22 Aug 2005 21:34:26 +0200
- Subject: HEADSUP: pcre security announcement
- Reply-to: cygwin-apps at cygwin dot com
Ronald,
I just found out about the following security advisory:
http://www.securitytracker.com/alerts/2005/Aug/1014744.html
"PCRE Heap Overflow May Let Users Execute Arbitrary Code"
This is a vulnerability up to PCRE version 6.1. I just realized that
your latest PCRE update is from 2003-12-15, version 4.5. Could you
please look into this and update PCRE to the latest version 6.3?
Thanks,
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader mailto:cygwin@cygwin.com
Red Hat, Inc.