On Oct 24, 2010, at 21:01, John B Brown wrote: > bzip2 : bugged (CVE-2010-0405)
> This is the tail end of the compile. Exactly what is there about the > bzip2 file installed by port that would cause that complaint from a virus > detector? Well, they are referring to this CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405 Versions of bzip2 before 1.0.6 had an integer overflow. Have you updated to bzip2 1.0.6? If so, you should no longer have that vulnerability. _______________________________________________ macports-users mailing list [email protected] http://lists.macosforge.org/mailman/listinfo.cgi/macports-users
