paul.hermeneutic-re5jqeeqqe8avxtiumw...@public.gmane.org wrote: > It would seem that Cygwin is using a somewhat old version of Info-ZIP > from which zip and unzip are created. The info-zip.org > > > From the http://info-zip.org/ site, there is: > > """ > All known vulnerabilities are fixed in Zip 2.32. > """ > > However, it appears that Cygwin is using version 3.0.
err... "3.0" is newer than "2.32". The older 2.32 version fixed all known vulnerabilities. 3.0 added additional features, but still maintains all of the older 2.32 version's fixes to known vulnerabilities. > What is the process to get this updated? Please advise. Thanks. 3.0 is the most recent version, and has been available for cygwin since March. http://cygwin.com/ml/cygwin-announce/2009-03/msg00027.html -- Chuck
