On 03/05/2013 12:49 PM, m.roth at 5-cent.us wrote: > Johnny Hughes wrote: >> On 03/05/2013 11:51 AM, m.roth at 5-cent.us wrote: >>> I see there's a release today or so from Oracle of a new zero-day >>> vulnerability. Any idea how soon we'll have an update? >>> >>> <https://threatpost.com/en_us/blogs/oracle-rushes-emergency-java-update-patch-mcrat-vulnerabilities-030413> >>> >> As soon as redhat releases one? > Figured that - just wondered if y'all had heard anything. > > For that matter, I tried following the CSV, and can't find more info on > the NIST site - trying to figure out if it *only* affects Oracle's java, > or openjdk also. > It impacts both: https://bugzilla.redhat.com/show_bug.cgi?id=917553 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20130305/35ede1b0/attachment-0005.sig>