Arch Linux

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#20901 - [bzip2] Integer overflow vulnerability (CVE-2010-0405)

Attached to Project: Arch Linux
Opened by Lukas Fleischer (lfleischer) - Tuesday, 21 September 2010, 12:17 GMT
Last edited by Pierre Schmitz (Pierre) - Tuesday, 21 September 2010, 12:58 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To Ionut Biru (wonder)
Architecture All
Severity Critical
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No


There's an integer overflow vulnerability in bzip2 1.0.5 (CVE-2010-0405), see [1]. The package has already been flagged out-of-date yesterday but nothing happened yet.

This task depends upon

Closed by  Pierre Schmitz (Pierre)
Tuesday, 21 September 2010, 12:58 GMT
Reason for closing:  Not a bug