The mingw-zlib package has been updated to version 1.2.2-2. zlib is a
standard lossless compression library; mingw-zlib is a version built
using the standard windows runtime library and NOT cygwin; it is used by
setup.exe among other tools.
This is a security bugfix release.
CHANGES:
Includes patch for security issue can-2005-2096 "Buffer overflow in zlib
1.2 and later versions allows remote attackers to cause a denial of
service (crash) via a crafted compressed stream,"
--
Charles Wilson
mingw-zlib volunteer maintainer for cygwin
To update your installation, click on the "Install Cygwin now" link on
the http://cygwin.com/ web page. This downloads setup.exe to your
system. Then, run setup and answer all of the questions.
*** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO ***
If you want to unsubscribe from the cygwin-announce mailing list, look
at the "List-Unsubscribe: " tag in the email header of this message.
Send email to the address specified there. It will be in the format:
[EMAIL PROTECTED]
If you need more information on unsubscribing, start reading here:
http://sources.redhat.com/lists.html#unsubscribe-simple
Please read *all* of the information on unsubscribing that is available
starting at the above URL.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
