Marcus Meissner wrote:
Does anybody know if Novell consider this a vulnerability and are they planning on releasing an update to bzip2 to fix it? I'd rather stick with the official published RPM versions of the bzip2 libraries and not have to replace them manually.
We are considering this a security vulnerability and will publish updates. This will likely happen begin of next week.
(It is just that we had some more critical issues this week.)
Great. Thanks for the very quick update Marcus. I'll leave the ClamAV update on the SLES mail servers until the official bzip2 patch is published then. Cheers, Andy -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org