hacked package on server

Louis Kruger lpkruger@cs.wisc.edu
Mon Jul 16 17:55:00 GMT 2007

> I do think that instead of simply aborting the install with a message that 
> the server was compromised (was it?  or is something else going on?), that 
> a more useful option would be to allow the user to select a different 
> mirror and continue the process.

Sure.  I just wanted to make the point that it is important to take 
extra steps to protect end-user from malicious tampering.

If you want to investigate this, the file is here.  The file size is 
correct, the MD5 is not.



Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

More information about the Cygwin mailing list