lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 21 Mar 2008 18:50:37 -0400 From: rPath Update Announcements <announce-noreply@...th.com> To: product-announce@...ts.rpath.com, security-announce@...ts.rpath.com, update-announce@...ts.rpath.com Cc: full-disclosure@...ts.grok.org.uk, vulnwatch@...nwatch.org, bugtraq@...urityfocus.com, lwn@....net Subject: rPSA-2008-0118-1 bzip2 rPath Security Advisory: 2008-0118-1 Published: 2008-03-21 Products: rPath Linux 1 rPath Appliance Platform Linux Service 1 Rating: Minor Exposure Level Classification: Indirect Deterministic Denial of Service Updated Versions: bzip2=conary.rpath.com@rpl:1/1.0.4-1.1-1 rPath Issue Tracking System: https://issues.rpath.com/browse/RPL-2379 Description: Previous versions of the bzip2 package are vulnerable to a Denial of Service in which an attacker can provide a malformed archive file that will cause applications such as bunzip2 reading the file to crash. It has not been determined that this vulnerability can be exploited to execute malicious code. http://wiki.rpath.com/Advisories:rPSA-2008-0118 Copyright 2008 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html
Powered by blists - more mailing lists