On 03/05/2013 12:51 PM, Johnny Hughes wrote: > On 03/05/2013 12:49 PM, m.roth@xxxxxxxxx wrote: >> Johnny Hughes wrote: >>> On 03/05/2013 11:51 AM, m.roth@xxxxxxxxx wrote: >>>> I see there's a release today or so from Oracle of a new zero-day >>>> vulnerability. Any idea how soon we'll have an update? >>>> >>>> <https://threatpost.com/en_us/blogs/oracle-rushes-emergency-java-update-patch-mcrat-vulnerabilities-030413> >>>> >>> As soon as redhat releases one? >> Figured that - just wondered if y'all had heard anything. >> >> For that matter, I tried following the CSV, and can't find more info on >> the NIST site - trying to figure out if it *only* affects Oracle's java, >> or openjdk also. >> > It impacts both: > > https://bugzilla.redhat.com/show_bug.cgi?id=917553 Note: That means (1) We're on it :D , and (2) When this is released for CentOS-6.x it will initially be in 6.3/CR repo if 6.4 is not released yet or 6.4/updates if 6.4 is released. CentOS-5.9 will just get the update released normally into 5.9/updates. When will CentOS-6.4 be released ... soon :) When is soon ... I would expect sometime before Friday, March 8th (or very close to that date).
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
