cygstart: buffer overflow when a URI is passed (cygutils-1.4.17-[23])
Jon Turney
jon.turney@dronecode.org.uk
Sun May 18 13:53:17 GMT 2025
On 24/04/2025 21:31, Mark Geisert via Cygwin-apps wrote:
> Hi Jeremy,
>
> On 4/24/2025 11:57 AM, Jeremy Drake via Cygwin-apps wrote:
>> On Wed, 23 Apr 2025, Mark Geisert via Cygwin wrote:
>>
>>> A new version 1.4.17-4 of the cygutils packages with a corrected
>>> 'cygstart' is now making its way to the mirrors.
>>
>> Can I ask why patches are made in the packaging rather than applied to
>> the cygwin-apps/cygutils git repository, given that this package is
>> "local" to Cygwin and therefore has no other "upstream"? How would you
>> decide to make a 1.4.17-4 rather than a 1.4.18-1?
>
> A fair question.
>
> I think cygutils might have been the first package I ITA'd years ago. I
> wasn't yet up to speed on the whole package management framework. I'm
> (somewhat) better with the more recent adoptions I've made. As time
> permits all the packages I manage will be done identically and involve
> the cygwin-apps git repository, the CI process, etc.
>
> I personally would probably go to 1.4.18-1 when some major packaging
> change was made. I went from 1.4.16 to 1.4.17 when I took over from
> Chuck Wilson.
Please don't be shy about consuming version numbers!
If you ever run short, I have an inexhaustible supply of monotonically
increasing integers you can use...
More information about the Cygwin-apps
mailing list