From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 30892 invoked by alias); 31 Mar 2015 19:15:55 -0000 Mailing-List: contact cygwin-apps-help@cygwin.com; run by ezmlm Precedence: bulk Sender: cygwin-apps-owner@cygwin.com List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Mail-Followup-To: cygwin-apps@cygwin.com Received: (qmail 30871 invoked by uid 89); 31 Mar 2015 19:15:55 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.7 required=5.0 tests=AWL,BAYES_00,SPF_HELO_PASS autolearn=ham version=3.3.2 X-HELO: mx1.redhat.com Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES256-GCM-SHA384 encrypted) ESMTPS; Tue, 31 Mar 2015 19:15:53 +0000 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (Postfix) with ESMTPS id 8F9C1AECAF for ; Tue, 31 Mar 2015 19:15:52 +0000 (UTC) Received: from YAAKOV04.redhat.com ([10.10.116.22]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id t2VJFosx017203 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Tue, 31 Mar 2015 15:15:52 -0400 Message-ID: <1427829355.8576.45.camel@cygwin.com> Subject: [SECURITY] libtasn1: CVE-2015-2806 From: Yaakov Selkowitz To: "cygwin-apps@cygwin.com" Date: Tue, 31 Mar 2015 19:15:00 -0000 Content-Type: text/plain; charset="UTF-8" Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-IsSubscribed: yes X-SW-Source: 2015-03/txt/msg00216.txt.bz2 Dr. Volker Zell, A stack overflow has been reported[1][2] in libtasn1. Could you please update our package to 4.4. ASAP? [1] https://lists.gnu.org/archive/html/help-libtasn1/2015-03/msg00002.html [2] https://bugzilla.redhat.com/show_bug.cgi?id=1207192 -- Yaakov