The original 2.0.0 release does indeed include a vulnerable zlib
verison.
However 2.0.1 (currently post-rc1) development has wound down and
will be released within a few days, and will be near enough the
current build/revision.
On 13 Jul 2005, at 13:26, Florian Weimer wrote:
retitle 309196 [CAN-2005-2096] Includes private copy of libz
thanks
This bug makes the package very likely vulnerable to CAN-2005-2096.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
