RLSA-2024:8922

Опубликовано: 08 нояб. 2024

Источник: rocky

Оценка: Low

Описание

Low: bzip2 security update

The bzip2 packages contain a freely available, high-quality data compressor. It provides both standalone compression and decompression utilities, as well as a shared library for use with other programs.

Security Fix(es):

bzip2: out-of-bounds write in function BZ2_decompress (CVE-2019-12900)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

Rocky Linux 8

Наименование	Архитектура	Релиз	RPM
bzip2	x86_64	27.el8_10	bzip2-1.0.6-27.el8_10.x86_64.rpm
bzip2-devel	x86_64	27.el8_10	bzip2-devel-1.0.6-27.el8_10.x86_64.rpm
bzip2-libs	x86_64	27.el8_10	bzip2-libs-1.0.6-27.el8_10.x86_64.rpm

Показывать по

Связанные CVE

CVE-2019-12900

Ссылки на источники

Исправления

https://bugzilla.redhat.com/show_bug.cgi?id=1724459
Red Hat - 1724459

Связанные уязвимости

CVE-2019-12900

CVSS3: 9.8

ubuntu

почти 6 лет назад

BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.

CVE-2019-12900

CVSS3: 4.4

redhat

7 месяцев назад

BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.

CVE-2019-12900

CVSS3: 9.8

nvd

почти 6 лет назад

BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.

CVE-2019-12900

CVSS3: 9.8

msrc

почти 5 лет назад

Описание отсутствует

CVE-2019-12900

CVSS3: 9.8

debian

почти 6 лет назад

BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bo ...

exploitDog

RLSA-2024:8922

Описание

Затронутые продукты

Rocky Linux 8: обновленные пакеты

Связанные CVE

Ссылки на источники

Исправления

Связанные уязвимости