This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: [Attn] git maintainer: Remote Code Execution for git < 2.7.1
- From: Adam Dinwoodie <adam at dinwoodie dot org>
- To: cygwin at cygwin dot com
- Date: Fri, 18 Mar 2016 10:43:14 +0000
- Subject: Re: [Attn] git maintainer: Remote Code Execution for git < 2.7.1
- Authentication-results: sourceware.org; auth=none
- References: <CAFo71_6ZRGH6zkb7U2rDCf1vu0jz9-w1Cmv_ccW6aRDBszEhYw at mail dot gmail dot com> <20160316105010 dot GN29016 at dinwoodie dot org> <CAFo71_43UGbDkvT9k+1n5KyvpUkeedd78CMUepFB3zzYwY4Kug at mail dot gmail dot com>
On Fri, Mar 18, 2016 at 10:41:41AM +0200, Ismail Donmez wrote:
> On Wed, Mar 16, 2016 at 12:50 PM, Adam Dinwoodie <adam@dinwoodie.org> wrote:
> > On Wed, Mar 16, 2016 at 07:43:54AM +0200, Ismail Donmez wrote:
> >> Please see http://www.openwall.com/lists/oss-security/2016/03/15/5 .
> >> Would be nice to update to just released 2.7.3 version.
> >
> > Ack, thanks for the heads up. I've been holding off on making a release
> > while investigating some test failures, but I'll try to make a new build
> > available either today or tomorrow.
>
> Now git 2.7.4 is released with more security fixes:
> https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.7.4.txt
> :(
Yes, I spotted that last night. I needed to do a rebuild anyway, so
I'll build this version.
Adam
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple