Updating bzip2 to remove potential security vulnerability
Michael Powell
nightrecon at hotmail.com
Fri Oct 1 22:34:10 UTC 2010
Jerry wrote:
[snip].
>
> OK, I just updated my sources; however, this notation from the UPDATING
> file does NOT appear in the UPDATING file on my machine:
>
> 20100920: p1 FreeBSD-SA-10:08.bzip2
> Fix an integer overflow in RLE length parsing when decompressing
> corrupt bzip2 data.
>
> I am using this as the tag, which is probably incorrect.
>
> default release=cvs tag=RELENG_8
>
> This is the stock standard-supfile. The stock stable-supfile has the
> same tag.
>
The security tag for a release version is either RELENG_8_0 or RELENG_8_1,
depending on which one you run. UPDATING has the entry wrt to these.
-Mike
More information about the freebsd-questions
mailing list