This support statement is provided by the Product Management Team.
VSEL 2.0.2 came packaged with a version of glibc that is affected by the critical vulnerability CVE-2015-7547.
To address this issue, a new patch/full installation of VSEL has been released (2.0.3) that updates the glibc package to a supported version. It contains all fixes from VSEL 2.0.2, plus some additional new fixes that occurred after the latest VSEL 2.0.2 hotfixes.
For more information on the fixes included in VSEL 2.0.3, see
PD26579 - VirusScan Enterprise for Linux 2.0.3 Release Notes.
This new patch is deemed
mandatory because of the risk involved with the glibc vulnerability and the fact that the glibc packaged with VSEL 2.0.2 cannot be updated manually.
For customers who remain on VSEL 2.0.2, best effort support will continue to be provided. This involves ensuring that any current hotfixes are applied, implementing any documented fixes, and providing any known workarounds to help with the encountered issue. However, no defects will be opened with engineering and no hotfixes created for new issues that arise.
Any current issue that is addressed in VSEL 2.0.3, or any new issue encountered in VSEL 2.0.2, will require that VSEL 2.0.3 be installed first.
McAfee product software, upgrades, maintenance releases, and documentation are available from the Product Downloads site at:
http://www.mcafee.com/us/downloads/downloads.aspx.
NOTE: You need a valid Grant Number for access.
KB56057 provides additional information about the Product Downloads site, and alternate locations for some products.
