SECURITY: [ GLSA 200706-09 ] libexif: Buffer overflow
Christopher Faylor
cgf-use-the-mailinglist-please@cygwin.com
Thu Jul 26 14:32:00 GMT 2007
On Thu, Jul 26, 2007 at 09:17:58AM +0200, Corinna Vinschen wrote:
>On Jul 25 20:28, Yaakov (Cygwin Ports) wrote:
>> > Corinna Vinschen wrote:
>> >> Another question: The exif package was Gerrit's package, too, and
>> >> it's still on version 0.6.9. Any chance that you could take this one
>> >> over as well?
>>
>> I could bump this, but exif depends on libpopt0, which hasn't been
>> updated within the distro in over five years.
>
>Does that matter? Would the latest libpopt bump the DLL version number?
>
>> cgf, as the popt maintainer on record, would you mind bumping popt to
>> the current version?
It doesn't look that way.
FWIW, libpopt0 was, the last time I checked, linked to rpm and rpm had
become particularly hard to port to cygwin, also the last time I
checked.
cgf
More information about the Cygwin-apps
mailing list