This is the mail archive of the cygwin-apps mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[SECURITY] arc

From: Yaakov Selkowitz <yselkowitz at cygwin dot com>
To: "cygwin-apps at cygwin dot com" <cygwin-apps at cygwin dot com>
Cc: Jari Aalto <jari dot aalto at cante dot net>
Date: Tue, 17 Feb 2015 20:06:58 -0600
Subject: [SECURITY] arc
Authentication-results: sourceware.org; auth=none

Jari,

A directory traversal vulnerability has been found in arc.  Please add
the following patches to the arc package ASAP:

http://pkgs.fedoraproject.org/cgit/arc.git/plain/arc-5.21p-hdrv1-read-fix.patch
http://pkgs.fedoraproject.org/cgit/arc.git/plain/arc-5.21p-fix-arcdie.patch
http://pkgs.fedoraproject.org/cgit/arc.git/plain/arc-5.21p-directory-traversel.patch

BTW there are also some documentation patches in that repo which you may
wish to consider adding.

TIA,

Yaakov

Follow-Ups:
- Re: [SECURITY] arc 5.21p-1 (UPLOADED)
  - From: Jari Aalto

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]