From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cygwin-return-202786-listarch-cygwin=sourceware.org@cygwin.com>
Received: (qmail 13421 invoked by alias); 20 Apr 2016 16:56:49 -0000
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Received: (qmail 13407 invoked by uid 89); 20 Apr 2016 16:56:48 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-1.4 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.2 spammy=Hx-languages-length:579, Jari, Aalto, aalto
X-HELO: emh06.mail.saunalahti.fi
Received: from emh06.mail.saunalahti.fi (HELO emh06.mail.saunalahti.fi) (62.142.5.116) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES256-SHA encrypted) ESMTPS; Wed, 20 Apr 2016 16:56:47 +0000
Received: from picasso.cante.net (91-157-44-82.elisa-laajakaista.fi [91.157.44.82])	by emh06.mail.saunalahti.fi (Postfix) with ESMTP id BDC03699F6	for <cygwin@cygwin.com>; Wed, 20 Apr 2016 19:56:43 +0300 (EEST)
Received: from piccolo.cante.net ([192.168.1.9])	by picasso.cante.net with smtp (Exim 4.86)	(envelope-from <jari.aalto@cante.net>)	id 1asvQf-0003PK-W2; Wed, 20 Apr 2016 19:56:43 +0300
Received: by piccolo.cante.net (sSMTP sendmail emulation); Wed, 20 Apr 2016 19:56:40 +0300
Date: Wed, 20 Apr 2016 17:08:00 -0000
From: Jari Aalto <jari.aalto@cante.net>
To: cygwin@cygwin.com
Subject: Re: Security update needed for mercurial (upload error: doesn't follow naming convention)
Message-ID: <20160420165640.GB9640@piccolo>
References: <86h9fjdhkf.fsf@gmail.com> <vz137qhlfxy.fsf@gmail.com> <20160420085938.GA16548@calimero.vinschen.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20160420085938.GA16548@calimero.vinschen.de>
User-Agent: Mutt/1.6.0 (2016-04-01)
X-SA-Exim-Connect-IP: 192.168.1.9
X-SA-Exim-Mail-From: jari.aalto@cante.net
X-SA-Exim-Scanned: No (on picasso.cante.net); SAEximRunCond expanded to false
X-SW-Source: 2016-04/txt/msg00520.txt.bz2

> 3.7.3 as a security release, with fixes for:
>
> CVE-2016-3630 Mercurial: remote code execution in binary delta decoding
> CVE-2016-3068 Mercurial: arbitrary code execution with Git subrepos
> CVE-2016-3069 Mercurial: arbitrary code execution when converting Git repos

New release uploaded, but I got this message (x64)?

ERROR: tar file 'mercurial-3.7.3.tar.gz' in package 'mercurial' doesn't follow naming convention
ERROR: error while reading uploaded packages for Jari Aalto

Jari

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple