FS#52277 - [bzip2] CVE-2016-3189 heap use after free in bzip2recover
Attached to Project:
Arch Linux
Opened by Matt (ilikenwf) - Monday, 26 December 2016, 18:35 GMT
Last edited by Ronald van Haren (pressh) - Wednesday, 28 December 2016, 10:29 GMT
Opened by Matt (ilikenwf) - Monday, 26 December 2016, 18:35 GMT
Last edited by Ronald van Haren (pressh) - Wednesday, 28 December 2016, 10:29 GMT
|
Details
The original redhat discussion has a proposed, simple
patch:
https://bugzilla.redhat.com/show_bug.cgi?id=1319648 https://bugzilla.redhat.com/attachment.cgi?id=1169843 |
This task depends upon
Closed by Ronald van Haren (pressh)
Wednesday, 28 December 2016, 10:29 GMT
Reason for closing: Implemented
Additional comments about closing: bzip2-1.0.6-6
Wednesday, 28 December 2016, 10:29 GMT
Reason for closing: Implemented
Additional comments about closing: bzip2-1.0.6-6
http://sprunge.us/bMFC
Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.