Re: Pine and a buffer overflow problem

Angelo Graziosi wrote: > At http://www.washington.edu/pine/ is suggested to install 4.64 to fix > this > http://www.idefense.com/application/poi/display?id=313&type=vulnerabilities > problem. > > But in Cygwin, Pine is still 4.58 and it has still a maintainer!. See http://cygwin.com/ml/cygwin/200

Re: MD5s of setup.exe on mirrors.

Christopher Faylor wrote: > That + if you want to talk about trust then you should trust the method > that we advertise for installing cygwin which is to click on the > "Install Cygwin Now!" link. Are you saying that I should trust setup.exe downloaded from cygwin.com more than setup.exe downloade

Re: MD5s of setup.exe on mirrors.

Christopher Faylor wrote: > It was actually all academic before since: 1) there was nothing wrong > with the setup.exe on the mirrors and 2) people shouldn't have been > running setup.exe from the mirrors to begin with. Can you elaborate on why people shouldn't run setup.exe from the mirrors? I do

Re: MD5s of setup.exe on mirrors.

Christopher Faylor wrote: >> Nobody seemed to care. Considering the fact that MD5 collisions are now >> trivial >> to generate, it probably doesn't matter much anyways - the fact that your >> copy >> of setup.exe has the right MD5 doesn't mean that it hasn't been tampered >> with. > > We don't

Re: MD5s of setup.exe on mirrors.

[EMAIL PROTECTED] wrote: > Cygwin mirrors have in their toplevel a setup.exe and an md5.sum. The > m5sum is > > ae1944f528338033bab3b4710d5bd736 setup.bz2 > b31ddcef84f25919a5d3184167b4a90d setup.exe > 0503889504b7ff0b23e65586a522b3ad setup.ini > > whereas the setup.exe has actually the

cygwin security updates

Hi, Does Cygwin have a security team that is responsible for keeping track of vulnerabilities in the packages shipped with the default distribution? Is there a website that lists Cygwin packages that were updated to fix a security issue? Something similar to http://www.debian.org/security/ ? Ale

bad md5 of setup.exe on mirrors.kernel.org

The MD5 hash of setup.exe on mirrors.kernel.org does not match the hash on ftp.cygwin.com. $ wget ftp://ftp.cygwin.com/pub/cygwin/setup.exe $ md5sum.exe setup.exe b31ddcef84f25919a5d3184167b4a90d *setup.exe $ wget http://mirrors.kernel.org/sourceware/cygwin/setup.exe $ md5sum.exe setup.exe fbc848

Re: grep -P segfault

Mike Brown wrote: > Can anyone reproduce this? Reproduced on cygwin 1.5.22 with grep 2.5.1 $ echo hello | grep -P '\n' hello hello hello Segmentation fault (core dumped) Alex -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.

Re: make keeps an open handle to a file, can't delete parent directory

Larry Hall (Cygwin) wrote: > That's a Windowsism. You should see better results with a recent snapshot: > > > > It would be great if you tested your case with a snapshot and report back > your findings. The latest snapshot (Jan 18, 2006) has the same bug. The test

make keeps an open handle to a file, can't delete parent directory

Hi, I am having a problem with GNU make 3.81 on cygwin 1.5.22. It looks like a problem with cygwin and not make, but I am not sure exactly what's causing it. I reduced my makefile to a minimal testcase and attached it to this email. The makefile creates a foo/bar/ directory and then tries to remo