* [SECURITY] arc
@ 2015-02-18 2:07 Yaakov Selkowitz
2015-02-19 10:19 ` [SECURITY] arc 5.21p-1 (UPLOADED) Jari Aalto
0 siblings, 1 reply; 3+ messages in thread
From: Yaakov Selkowitz @ 2015-02-18 2:07 UTC (permalink / raw)
To: cygwin-apps; +Cc: Jari Aalto
Jari,
A directory traversal vulnerability has been found in arc. Please add
the following patches to the arc package ASAP:
http://pkgs.fedoraproject.org/cgit/arc.git/plain/arc-5.21p-hdrv1-read-fix.patch
http://pkgs.fedoraproject.org/cgit/arc.git/plain/arc-5.21p-fix-arcdie.patch
http://pkgs.fedoraproject.org/cgit/arc.git/plain/arc-5.21p-directory-traversel.patch
BTW there are also some documentation patches in that repo which you may
wish to consider adding.
TIA,
Yaakov
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2015-02-19 17:10 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-02-18 2:07 [SECURITY] arc Yaakov Selkowitz
2015-02-19 10:19 ` [SECURITY] arc 5.21p-1 (UPLOADED) Jari Aalto
2015-02-19 17:10 ` Yaakov Selkowitz
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).