From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cygwin-announce-return-5768-listarch-cygwin-announce=sources.redhat.com@cygwin.com>
Received: (qmail 19218 invoked by alias); 11 Jan 2015 03:01:20 -0000
Mailing-List: contact cygwin-announce-help@cygwin.com; run by ezmlm
Precedence: bulk
List-Id: <cygwin-announce.cygwin.com>
List-Subscribe: <mailto:cygwin-announce-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin-announce/>
List-Post: <mailto:cygwin-announce@cygwin.com>
List-Help: <mailto:cygwin-announce-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-announce-owner@cygwin.com
Reply-To: The Cygwin Mailing List <cygwin@cygwin.com>
Mail-Followup-To: cygwin-announce@cygwin.com
Received: (qmail 2299 invoked by uid 89); 10 Jan 2015 23:29:50 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2
X-HELO: mail-wi0-f172.google.com
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
        h=x-gm-message-state:date:from:to:subject:message-id:mime-version
         :content-type:content-disposition:user-agent;
        bh=cGJgyzdd6/x0vNM29rJcLNt7y39R/EpO0Rn3SISi2i0=;
        b=Xm+kk7V22yUpFPNYlxuPvj0zLprDWKXo224dVwf34cOMiXX98ZE7ylLX2FxudOtoj/
         lnXXE8ZpAan/v4HZ5SPCevF0BngDlbHfp95vyUjb/ohf7MzYOdQqE/zkXAmfjtlazMrP
         j7osBSQ1u8VEb1qLewrVo4ywYCkXbDOAurYvZzarzXIagjAcY5xaxDxyS/o/IL4YfEgq
         3pgpHWSJ9SKxzXC8Vese9zZDCBP6blrE/ysB+01An5fbYRuZqLP8bH5gwOdvOQbyLoYZ
         r3+tXmvrkH3zgCZ+8msNuUtVfSLX24SJ53R2k6YbvVwMFgmO6K8f8WRCZnA9w4gSoTM3
         p7kg==
X-Gm-Message-State: ALoCoQkcRko7t/Do6vratHj+CU8HBMWSVGeLq9Reka4laTQ9X9bUampQKaiTAWUxw6x4T7julHPM
X-Received: by 10.180.207.10 with SMTP id ls10mr17667830wic.7.1420932585185;
        Sat, 10 Jan 2015 15:29:45 -0800 (PST)
Date: Sun, 11 Jan 2015 03:01:00 -0000
From: Adam Dinwoodie <adam@dinwoodie.org>
To: cygwin-announce@cygwin.com
Subject: Security update: Git-2.1.4-1
Message-ID: <20150110232925.GA19140@dinwoodie.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
X-SW-Source: 2015-01/txt/msg00012.txt.bz2

Version 2.1.4-1 of Git has been uploaded and should be coming soon to a
mirror near you.  This is a security update of Git to patch
CVE-2014-9390, which would allow an attacker to create a malicious Git
repository which could run arbitrary code on a computer running an
affected version of Git.

This update includes the following packages:

-   git
-   git-completion
-   git-cvs
-   git-debuginfo
-   git-email
-   git-gui
-   gitk
-   git-svn
-   gitk

For a full list of the upstream changes in this release, please refer to
the upstream changelogs:

https://git.kernel.org/cgit/git/git.git/tree/Documentation/RelNotes

This release also adds font-adobe-dpi75 to the requirement lists for
gitk, as reported by Henri:

https://cygwin.com/ml/cygwin/2015-01/msg00086.html