This is the mail archive of the
cygwin-announce
mailing list for the Cygwin project.
Updated: file-5.22-1 [SECURITY]
- From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
- To: cygwin-announce at cygwin dot com
- Date: Wed, 18 Feb 2015 12:25:55 +0100
- Subject: Updated: file-5.22-1 [SECURITY]
- Authentication-results: sourceware.org; auth=none
- Reply-to: The Cygwin Mailing List <cygwin at cygwin dot com>
I've updated the Cygwin version of file to 5.22-1.
This is an update to the latest official upstream version. This
release fixes various CVE bugs:
CVE-2014-9653: malformed elf file causes access to uninitialized memory
CVE-2014-9621: limit string printing to 100 chars
CVE-2014-9620: limit the number of ELF notes processed
CVE-2014-8116: multiple denial of service issues (resource consumption)
CVE-2014-8117: denial of service issue (resource consumption)
Have fun,
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat, Inc.