bugged bzip2?
Ryan Schmidt
ryandesign at macports.org
Sun Oct 24 19:21:28 PDT 2010
On Oct 24, 2010, at 21:01, John B Brown wrote:
> bzip2 : bugged (CVE-2010-0405)
> This is the tail end of the compile. Exactly what is there about the bzip2 file installed by port that would cause that complaint from a virus detector?
Well, they are referring to this CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405
Versions of bzip2 before 1.0.6 had an integer overflow. Have you updated to bzip2 1.0.6? If so, you should no longer have that vulnerability.
More information about the macports-users
mailing list