This is the mail archive of the
cygwin
mailing list for the Cygwin project.
[ANNOUNCEMENT] Updated: file-5.22-1 [SECURITY]
- From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
- To: cygwin at cygwin dot com
- Date: Wed, 18 Feb 2015 12:25:55 +0100
- Subject: [ANNOUNCEMENT] Updated: file-5.22-1 [SECURITY]
- Authentication-results: sourceware.org; auth=none
- Authentication-results: sourceware.org; auth=none
- Reply-to: cygwin at cygwin dot com
I've updated the Cygwin version of file to 5.22-1.
This is an update to the latest official upstream version. This
release fixes various CVE bugs:
CVE-2014-9653: malformed elf file causes access to uninitialized memory
CVE-2014-9621: limit string printing to 100 chars
CVE-2014-9620: limit the number of ELF notes processed
CVE-2014-8116: multiple denial of service issues (resource consumption)
CVE-2014-8117: denial of service issue (resource consumption)
Have fun,
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat, Inc.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple