Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Gentoo 200804-02 Normal: Bzip2 Denial Of Service Advisory Overview

gentoo
Calendar Grey April 2, 2008
Dist Gentoo Esm H88
An issue with Bzip2 buffer overread has been identified in Gentoo advisory 200804-02. Prompt updates are advised for standard severity.
A buffer overread vulnerability has been discovered in Bzip2.

Summary

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory                           GLSA 200804-02
                                            https://security.gentoo.org/

  Severity: Normal
     Title: bzip2: Denial of Service
      Date: April 02, 2008
      Bugs: #213820
        ID: 200804-02


Synopsis
=======
A buffer overread vulnerability has been discovered in Bzip2.

Background
=========
bzip2 is a free and open source lossless data compression program.

Affected packages
================
    -------------------------------------------------------------------
     Package         /  Vulnerable  /                       Unaffected
    -------------------------------------------------------------------
  1  app-arch/bzip2       < 1.0.5                             >= 1.0.5

==========
The Oulu University discovered that bzip2 does not properly check
offsets provided by the bzip2 file, leading to a buffer overread.

Impact
=====
Remote attackers can entice a user or...
Read the Full Advisory
Topics%20covered

Topics Covered

security advisory denial of service gentoo normal severity bzip2 buffer overread

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory denial of service gentoo normal severity bzip2 buffer overread

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here