On 28/08/2025 15:07, Jeffrey Altman via Cygwin wrote:
On 8/28/2025 9:44 AM, Michael Cook via Cygwin wrote:
Apparently, there's a critical security vulnerability in git.
https://github.blog/open-source/git/git-security-vulnerabilities-
announced-6/
Cygwin is currently at 2.45.1.
We're being urged to upgrade to 2.50.1.
2.45.4 is available as a security fix release for the 2.45 version if
Cygwin wishes a smaller update.
Hi Adam,
I hope you are well.
A couple of people have raised concerns about vulnerabilities in the
current cygwin git package, i.e:
https://cygwin.com/pipermail/cygwin/2025-August/258716.html
https://cygwin.com/pipermail/cygwin/2025-August/258722.html
I notice that while you are still the maintainer of record for git, you
haven't been active for over a year, so it would help at lot if you
could let me know your intentions here.
Please let me know if you want to orphan it and/or all your other packages.
In any case, thanks for all your work on git in the past.
