* [ANNOUNCEMENT] Updated: perl-5.22.1-2
@ 2016-03-09 23:00 Achim Gratz
2016-03-09 23:43 ` Tony Cook
0 siblings, 1 reply; 3+ messages in thread
From: Achim Gratz @ 2016-03-09 23:00 UTC (permalink / raw)
To: cygwin
A new release of Perl version 5.22.1 is available, which fixes two cases
of losing taint. Immediate update is recommended if either the
environment or the input to any Perl program can be controlled by an
untrusted party.
--
*** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO ***
If you want to unsubscribe from the cygwin-announce mailing list, look
at the "List-Unsubscribe: " tag in the email header of this message.
Send email to the address specified there. It will be in the format:
cygwin-announce-unsubscribe-you=yourdomain.com@cygwin.com
If you need more information on unsubscribing, start reading here:
http://sourceware.org/lists.html#unsubscribe-simple
Please read *all* of the information on unsubscribing that is available
starting at this URL.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [ANNOUNCEMENT] Updated: perl-5.22.1-2
2016-03-09 23:00 [ANNOUNCEMENT] Updated: perl-5.22.1-2 Achim Gratz
@ 2016-03-09 23:43 ` Tony Cook
2016-03-10 6:26 ` Achim Gratz
0 siblings, 1 reply; 3+ messages in thread
From: Tony Cook @ 2016-03-09 23:43 UTC (permalink / raw)
To: cygwin
On Wed, Mar 09, 2016 at 11:46:39PM +0100, Achim Gratz wrote:
>
> A new release of Perl version 5.22.1 is available, which fixes two cases
> of losing taint. Immediate update is recommended if either the
> environment or the input to any Perl program can be controlled by an
> untrusted party.
Does this refer to the CVE-2015-8607 and CVE-2016-2381 fixes?
The second is a bit more complex than losing taint.
Tony
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [ANNOUNCEMENT] Updated: perl-5.22.1-2
2016-03-09 23:43 ` Tony Cook
@ 2016-03-10 6:26 ` Achim Gratz
0 siblings, 0 replies; 3+ messages in thread
From: Achim Gratz @ 2016-03-10 6:26 UTC (permalink / raw)
To: cygwin
Tony Cook writes:
> Does this refer to the CVE-2015-8607 and CVE-2016-2381 fixes?
Yes.
> The second is a bit more complex than losing taint.
I was trying to not overcomplicate things, maybe unsuccessfully.
Regards,
Achim.
--
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+
DIY Stuff:
http://Synth.Stromeko.net/DIY.html
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-03-10 6:26 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-03-09 23:00 [ANNOUNCEMENT] Updated: perl-5.22.1-2 Achim Gratz
2016-03-09 23:43 ` Tony Cook
2016-03-10 6:26 ` Achim Gratz
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).