> > It's there - try unchecking the check box to show obsolete > packages. But as more-2.11o-1 really does depend on libpcre, > it needs to be recompiled to pick up the security flaw. > > Meanwhile, as a temporary workaround, I've updated the setup.hint > to depend on libpcre until a new more is uploaded. This will make > libpcre be picked up even though it is hidden by being obsolete.
Actually, more-2.11o-1 was quite easy to build, and on recompilation it automatically picked up the newer libraries. Since more has not had an update since Mar 2002 (carved from util-linux 2.11o), but util-linux is now at 2.13-pre4, I'm assuming the maintainer is MIA, so I uploaded more-2.11o-2. I am NOT interested in maintaining this (I made no changes whatsoever from the -1 release other than the linked in libraries), as evidenced by the fact that I did not recarve more out of the latest util-linux. But at least the libpcre dependency is gone now. If there really is a maintainer, please step up and release more-2.13 sometime soon. But hey, not only do you get the libpcre security fix, but you can now do 'more 3-gig-file', since the old more was so old it was linked back when cygwin could not do 64-bit file offsets! -- Eric Blake (hopefully not stuck with being the more maintainer) -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
