Thu May 20 14:22:00 GMT 2004
Neon has been updated to new upstream version 0.24.6.
This is a security bugfix release. There are no security consequences to Cygwin users, however, because no packages using neon have
yet been added to the Cygwin net distribution.
Changes in release 0.24.6:
* SECURITY (CVE CAN-2004-0398): Fix sscanf overflow in ne_rfc1036_parse,
thanks to Stefan Esser.
* Link libneon against libexpat during Subversion build using bundled neon.
* Win32 build script update (Jon Foster).
More information about the Cygwin-announce