On Wed, 16 Feb 2005 14:57:16 +0100 Tarjei Knapstad <[EMAIL PROTECTED]> wrote:
> Nobody is whining here Dennis. > > I was asking a question about what the zlib warning was all about. The www.zlib.net: "October 3rd, 2004 Version 1.2.2 eliminates a potential security vulnerability in zlib 1.2.1, so all users of 1.2.1 should upgrade immediately. The following important fixes are provided in zlib 1.2.2[...]" > 3rd party SRPM requires zlib 1.2.1.2 which is the latest available for > FC3 (1.2.2.2 is in Rawhide). The zlib homepage doesn't mention > anything about 1.2.2 (you can download it if you manually change the You're wrong. > Java test suite? Assembler builds on VC6? Not applicable. 1.2.1.2 is > the version where all the nasties were fixed. Something may have been You're wrong. We've been playing with the bug in zlib since March 2004 and we have some knowledge which versions are fixed or not. > "The software doesn't have a brain" alright, but it would be a lot > more helpful if that warning actually stated what the possible problem > was. (CAN-2004-0797 for instance?) It suggests visiting www.zlib.net and you didn't do it. > That said, nobody is complaining that the ClamAV developers aren't > running around checking exactly what patch set people have installed. > Andreas was just pointing out that the 1.2.1.2 in SuSE has already > been patched, and I have nothing to worry about if I run SuSE. The Anyway, do not report any stability issues with clamd. -- oo ..... Tomasz Kojm <[EMAIL PROTECTED]> (\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg \..........._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Wed Feb 16 15:19:23 CET 2005
pgp27ermNTILL.pgp
Description: PGP signature
_______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
