bugged bzip2?

Ryan Schmidt ryandesign at macports.org
Sun Oct 24 19:21:28 PDT 2010

On Oct 24, 2010, at 21:01, John B Brown wrote:

>              bzip2       : bugged (CVE-2010-0405)

> 	This is the tail end of the compile. Exactly what is there about the bzip2 file installed by port that would cause that complaint from a virus detector?

Well, they are referring to this CVE:


Versions of bzip2 before 1.0.6 had an integer overflow. Have you updated to bzip2 1.0.6? If so, you should no longer have that vulnerability.

More information about the macports-users mailing list