This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
[SECURITY] mcrypt
- From: "Yaakov (Cygwin/X)" <yselkowitz at users dot sourceforge dot net>
- To: cygwin-apps <cygwin-apps at cygwin dot com>
- Date: Thu, 01 Nov 2012 16:46:34 -0500
- Subject: [SECURITY] mcrypt
Dr. Volker Zell,
Security vulnerabilities (CVE-2012-4409, CVE-2012-4527) have been
reported for the mcrypt package. Please rebuild 2.6.8 with the
following patches:
http://pkgs.fedoraproject.org/cgit/mcrypt.git/plain/mcrypt-CVE-2012-4409.patch
http://pkgs.fedoraproject.org/cgit/mcrypt.git/plain/mcrypt-CVE-2012-4527-80-width-patch
There are other patches in that git repo that you may wish to consider
adding as well, if you haven't already.
Thanks,
Yaakov