Date: Fri, 01 Oct 2010 18:36:51 -0400 From: Michael Powell <nightrecon@hotmail.com> To: freebsd-questions@freebsd.org Subject: Re: Updating bzip2 to remove potential security vulnerability Message-ID: <i85nko$p3j$1@dough.gmane.org> References: <20101001121332.5b04fa61@scorpio> <20101001171420.GE40148@dan.emsphone.com> <20101001165940.5d0e73f5@scorpio> <20101001210014.GD86640@eggman.experts-exchange.com> <20101001222316.00004e8c@unknown> <20101001174929.16d43ac1@scorpio>
next in thread | previous in thread | raw e-mail | index | archive | help
Jerry wrote: [snip]. > > OK, I just updated my sources; however, this notation from the UPDATING > file does NOT appear in the UPDATING file on my machine: > > 20100920: p1 FreeBSD-SA-10:08.bzip2 > Fix an integer overflow in RLE length parsing when decompressing > corrupt bzip2 data. > > I am using this as the tag, which is probably incorrect. > > default release=cvs tag=RELENG_8 > > This is the stock standard-supfile. The stock stable-supfile has the > same tag. > The security tag for a release version is either RELENG_8_0 or RELENG_8_1, depending on which one you run. UPDATING has the entry wrt to these. -Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?i85nko$p3j$1>