This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[ANNOUNCEMENT] Updated: file-5.22-1 [SECURITY]


I've updated the Cygwin version of file to 5.22-1.

This is an update to the latest official upstream version.  This
release fixes various CVE bugs:

  CVE-2014-9653: malformed elf file causes access to uninitialized memory
  CVE-2014-9621: limit string printing to 100 chars
  CVE-2014-9620: limit the number of ELF notes processed
  CVE-2014-8116: multiple denial of service issues (resource consumption)
  CVE-2014-8117: denial of service issue (resource consumption)


Have fun,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat, Inc.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]