UbuntuUpdates.org

Package "bzip2"

Name: bzip2

Description:

high-quality block-sorting file compressor - utilities

Latest version: 1.0.6-8.1ubuntu0.2
Release: bionic (18.04)
Level: security
Repository: main
Homepage: http://www.bzip.org/

Links


Download "bzip2"


Other versions of "bzip2" in Bionic

Repository Area Version
base main 1.0.6-8.1
updates main 1.0.6-8.1ubuntu0.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.0.6-8.1ubuntu0.2 2019-07-04 15:07:30 UTC

  bzip2 (1.0.6-8.1ubuntu0.2) bionic-security; urgency=medium

  * SECURITY REGRESSION: bzip2 update for CVE-2019-12900 causes some files raises
    incorrect CRC error. (LP: #1834494)
    - debian/patches/Accept-as-many-selectors-as-selectors*.patch

 -- <email address hidden> (Leonidas S. Barbosa) Thu, 04 Jul 2019 09:35:36 -0300

Source diff to previous version
1834494 latest bzip2 reports crc errors incorrectly
CVE-2019-12900 BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.

Version: 1.0.6-8.1ubuntu0.1 2019-06-26 14:06:50 UTC

  bzip2 (1.0.6-8.1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds write
    - debian/patches/CVE-2019-12900.patch: make sure
      nSelectors is not out of range in decompress.c.
    - CVE-2019-12900

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 24 Jun 2019 15:56:48 -0300

CVE-2019-12900 BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.



About   -   Send Feedback to @ubuntu_updates