LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for June 20, 2013

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

bzip2: code execution

Package(s):bzip2 CVE #(s):CVE-2010-0405
Created:September 20, 2010 Updated:January 9, 2013
Description: From the Debian advisory:

Mikolaj Izdebski has discovered an integer overflow flaw in the BZ2_decompress function in bzip2/libbz2. An attacker could use a crafted bz2 file to cause a denial of service (application crash) or potentially to execute arbitrary code.

Alerts:
Gentoo 201110-20 2011-10-23
MeeGo MeeGo-SA-10:40 2010-10-09
Fedora FEDORA-2010-18564 2010-12-05
Fedora FEDORA-2010-15125 2010-09-23
Fedora FEDORA-2010-17439 2010-11-08
Red Hat RHSA-2010:0858-03 2010-11-10
Fedora FEDORA-2010-15120 2010-09-23
CentOS CESA-2010:0703 2010-09-21
CentOS CESA-2010:0703 2010-09-21
CentOS CESA-2010:0703 2010-09-21
Slackware SSA:2010-263-01 2010-09-21
Red Hat RHSA-2010:0703-01 2010-09-20
Mandriva MDVSA-2010:185 2010-09-20
Ubuntu USN-986-3 2010-09-20
Ubuntu USN-986-2 2010-09-20
Ubuntu USN-986-1 2010-09-20
Debian DSA-2112-1 2010-09-20
openSUSE openSUSE-SU-2010:0684-1 2010-09-30
rPath rPSA-2010-0058-1 2010-10-17
SUSE SUSE-SR:2010:018 2010-10-06
Gentoo 201301-05 2013-01-09
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds