Browse Source

[bzip2] Updated (1.0.4 -> 1.0.5) : SECURITY - MEDIUM

CVE-2008-1372 (Medium) :
bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service
(crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS
GENOME test suite for Archive Formats.
early
Aldas Nabazas 17 years ago
parent
commit
f6a50abd0b
  1. 7
      archiver/bzip2/bzip2.desc

7
archiver/bzip2/bzip2.desc

@ -1,9 +1,8 @@
[COPY] --- SDE-COPYRIGHT-NOTE-BEGIN --- [COPY] --- SDE-COPYRIGHT-NOTE-BEGIN ---
[COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch. [COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch.
[COPY] [COPY]
[COPY] Filename: package/.../bzip2/bzip2.desc [COPY] Filename: package/.../bzip2/bzip2.desc
[COPY] Copyright (C) 2006 - 2007 The OpenSDE Project [COPY] Copyright (C) 2006 - 2008 The OpenSDE Project
[COPY] Copyright (C) 2004 - 2006 The T2 SDE Project [COPY] Copyright (C) 2004 - 2006 The T2 SDE Project
[COPY] Copyright (C) 1998 - 2003 Clifford Wolf [COPY] Copyright (C) 1998 - 2003 Clifford Wolf
[COPY] [COPY]
@ -33,9 +32,9 @@
[L] OpenSource [L] OpenSource
[S] Stable [S] Stable
[V] 1.0.4 [V] 1.0.5
[P] X -1---5---9 108.600 [P] X -1---5---9 108.600
[CV-URL] http://www.bzip.org/downloads.html [CV-URL] http://www.bzip.org/downloads.html
[D] 2881675732 bzip2-1.0.4.tar.gz http://www.bzip.org/1.0.4/ [D] 2990147436 bzip2-1.0.5.tar.gz http://www.bzip.org/1.0.5/

Loading…
Cancel
Save