Mercurial update needed for security fixes
Vince Rice
vrice@solidrocksystems.com
Mon Sep 25 17:35:00 GMT 2017
> On Sep 25, 2017, at 12:31 PM, Andy Moreton <andrewjmoreton@gmail.com> wrote:
>
> On Mon 18 Sep 2017, Ken Brown wrote:
>
>> On 9/18/2017 11:27 AM, Andy Moreton wrote:
>>> On Thu 17 Aug 2017, Andy Moreton wrote:
>>>
>>> Ping?
>>>
>>>> Hi,
>>>>
>>>> Can the mercurial maintainer please update to upstream Hg 4.3.1, to get
>>>> the fixes for CVE-2017-1000115 and CVE-2017-1000116.
>>
>> I don't know if he reads the list. I'm adding him to the Cc.
>>
>> Ken
>
> Still no response. If the maintiner does not read the project list or
> respond to email, then all of his packages are effectively abandoned.
>
> Can we please have a *security update* for mercurial ?
And if "effectively abandoned," then there's no one to update them. Are you volunteering?
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list