AVG-4 log
| Package | bzip2 |
| Status | Fixed |
| Severity | Low |
| Type | denial of service |
| Affected | 1.0.6-5 |
| Fixed | 1.0.6-6 |
| Current | 1.0.8-6 [core] |
| Ticket | None |
| Created | Sun Sep 18 15:55:06 2016 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2016-3189 | Low | No | Denial of service | A use-after-free flaw was found in bzip2recover, leading to a null pointer dereference, or a write to a closed file descriptor. An attacker could use this... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 22 Feb 2017 | ASA-201702-19 | bzip2 | denial of service |
| References |
|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1319648 |
| Notes |
|---|
It was fixed here: https://git.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/bzip2&id=93437a268741fb937166b84662ce4429e8adba66 By integrating this patch: https://bugzilla.redhat.com/attachment.cgi?id=1169843 |