From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cygwin-return-213206-listarch-cygwin=sourceware.org@cygwin.com>
Received: (qmail 117254 invoked by alias); 19 Jul 2018 07:56:30 -0000
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Received: (qmail 117016 invoked by uid 89); 19 Jul 2018 07:56:11 -0000
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=0.1 required=5.0 tests=AWL,BAYES_05,KAM_NUMSUBJECT,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=no version=3.3.2 spammy=installer, H*F:U*a, H*p:U*a, Hx-languages-length:314
X-HELO: mail-pl0-f41.google.com
Received: from mail-pl0-f41.google.com (HELO mail-pl0-f41.google.com) (209.85.160.41) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Thu, 19 Jul 2018 07:56:10 +0000
Received: by mail-pl0-f41.google.com with SMTP id b1-v6so3262622pls.5        for <cygwin@cygwin.com>; Thu, 19 Jul 2018 00:56:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;        d=k7i.jp; s=google;        h=date:from:to:subject:message-id:mime-version         :content-transfer-encoding;        bh=C1l3QmJ2FR03erDSKdl4O+M2mg0l1yvM9kxKWKkvknQ=;        b=V71wY91pga5byoDXqOa1Gfvykk8vO8UCRB+NNnAaMZYw/L4/KLexZ3QvNVxMtC6Rjh         qEzEfZQTMT0wzk2uKfXF16P3p2w5PeLG/FwgQUZITfDkkZeYvJEjlf7MIK6fg86KWv5K         KqvoJrvKVtHmYf28P6JlzqLjwIHj/iR6FeqYYsYdSWjzD6HSf2grKhUQVBpF7SGaWhkJ         2S3oQ5XIQ6NF0uVJIoCWri7XiHskIhoDbr1M9MjmhZr8kcHejtfyLvPR/0EoNH+wLrr8         rKzxxfVBlmm7Rm8Dqifr3ygbJk5jksYy4FZiGiPk8ABd+wfKVNlA7zmRsCXZEEZkJSc8         DkZA==
Return-Path: <a@k7i.jp>
Received: from [10.196.5.68] ([27.110.51.2])        by smtp.gmail.com with ESMTPSA id x68-v6sm8112572pfb.138.2018.07.19.00.56.06        for <cygwin@cygwin.com>        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);        Thu, 19 Jul 2018 00:56:07 -0700 (PDT)
Date: Thu, 19 Jul 2018 15:20:00 -0000
From: Akihiko Kawaguchi <a@k7i.jp>
To: cygwin@cygwin.com
Subject: Question on CVE-2018-11235
X-Mailer-Plugin: Cliche Inserter for Becky!2 Ver.0.03 Rev.0
Message-Id: <20180719165604.7996.F7B0B048@k7i.jp>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes
X-SW-Source: 2018-07/txt/msg00176.txt.bz2

Hello,

Does anyone know when git client package to fix the following
vulnerability will be released for Cygwin?

    https://nvd.nist.gov/vuln/detail/CVE-2018-11235

Currently, all the versions I can choose on Cygwin installer are
2.16.1-1, 2.16.2-1 or 2.17.0-1.

Best Regards,
Kawaguchi


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple