UbuntuUpdates.org

Package "libbz2-dev"

Name: libbz2-dev

Description:

high-quality block-sorting file compressor library - development

Latest version: 1.0.6-9ubuntu0.19.04.1
Release: disco (19.04)
Level: security
Repository: main
Head package: bzip2
Homepage: https://web.archive.org/web/20180801004107/http://www.bzip.org/

Links

Save this URL for the latest version of "libbz2-dev": https://www.ubuntuupdates.org/libbz2-dev


Download "libbz2-dev"


Other versions of "libbz2-dev" in Disco

Repository Area Version
base main 1.0.6-9
updates main 1.0.6-9ubuntu0.19.04.1

Changelog

Version: 1.0.6-9ubuntu0.19.04.1 2019-07-04 15:07:35 UTC

  bzip2 (1.0.6-9ubuntu0.19.04.1) disco-security; urgency=medium

  * SECURITY REGRESSION: bzip2 update for CVE-2019-12900 causes some files raises
    incorrect CRC error. (LP: #1834494)
    - debian/patches/Accept-as-many-selectors-as-selectors*.patch

 -- <email address hidden> (Leonidas S. Barbosa) Thu, 04 Jul 2019 09:50:14 -0300

Source diff to previous version
1834494 latest bzip2 reports crc errors incorrectly
CVE-2019-12900 BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.

Version: 1.0.6-9ubuntu0.19.04 2019-06-26 14:06:51 UTC

  bzip2 (1.0.6-9ubuntu0.19.04) disco-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds write
    - debian/patches/CVE-2019-12900.patch: make sure
      nSelectors is not out of range in decompress.c.
    - CVE-2019-12900

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 24 Jun 2019 16:44:33 -0300

CVE-2019-12900 BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.



About   -   Send Feedback to @ubuntu_updates