* [ANNOUNCEMENT] Updated: perl-5.22.1-2 @ 2016-03-09 23:00 Achim Gratz 2016-03-09 23:43 ` Tony Cook 0 siblings, 1 reply; 3+ messages in thread From: Achim Gratz @ 2016-03-09 23:00 UTC (permalink / raw) To: cygwin A new release of Perl version 5.22.1 is available, which fixes two cases of losing taint. Immediate update is recommended if either the environment or the input to any Perl program can be controlled by an untrusted party. -- *** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO *** If you want to unsubscribe from the cygwin-announce mailing list, look at the "List-Unsubscribe: " tag in the email header of this message. Send email to the address specified there. It will be in the format: cygwin-announce-unsubscribe-you=yourdomain.com@cygwin.com If you need more information on unsubscribing, start reading here: http://sourceware.org/lists.html#unsubscribe-simple Please read *all* of the information on unsubscribing that is available starting at this URL. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [ANNOUNCEMENT] Updated: perl-5.22.1-2 2016-03-09 23:00 [ANNOUNCEMENT] Updated: perl-5.22.1-2 Achim Gratz @ 2016-03-09 23:43 ` Tony Cook 2016-03-10 6:26 ` Achim Gratz 0 siblings, 1 reply; 3+ messages in thread From: Tony Cook @ 2016-03-09 23:43 UTC (permalink / raw) To: cygwin On Wed, Mar 09, 2016 at 11:46:39PM +0100, Achim Gratz wrote: > > A new release of Perl version 5.22.1 is available, which fixes two cases > of losing taint. Immediate update is recommended if either the > environment or the input to any Perl program can be controlled by an > untrusted party. Does this refer to the CVE-2015-8607 and CVE-2016-2381 fixes? The second is a bit more complex than losing taint. Tony -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [ANNOUNCEMENT] Updated: perl-5.22.1-2 2016-03-09 23:43 ` Tony Cook @ 2016-03-10 6:26 ` Achim Gratz 0 siblings, 0 replies; 3+ messages in thread From: Achim Gratz @ 2016-03-10 6:26 UTC (permalink / raw) To: cygwin Tony Cook writes: > Does this refer to the CVE-2015-8607 and CVE-2016-2381 fixes? Yes. > The second is a bit more complex than losing taint. I was trying to not overcomplicate things, maybe unsuccessfully. Regards, Achim. -- +<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+ DIY Stuff: http://Synth.Stromeko.net/DIY.html -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-03-10 6:26 UTC | newest] Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2016-03-09 23:00 [ANNOUNCEMENT] Updated: perl-5.22.1-2 Achim Gratz 2016-03-09 23:43 ` Tony Cook 2016-03-10 6:26 ` Achim Gratz
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).