Information on source package bzip2

Available versions

ReleaseVersion
jessie1.0.6-7
jessie (security)1.0.6-7+deb8u2
stretch1.0.6-8.1
buster1.0.6-9.2~deb10u1
bullseye1.0.8-2
sid1.0.8-2

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-12900fixedvulnerable (no DSA)fixedfixedfixedBZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bo ...

Resolved issues

BugDescription
CVE-2016-3189Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows rem ...
CVE-2011-4089The bzexe command in bzip2 1.0.5 and earlier generates compressed exec ...
CVE-2010-0405Integer overflow in the BZ2_decompress function in decompress.c in bzi ...
CVE-2008-1372bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to ...
CVE-2005-1260bzip2 allows remote attackers to cause a denial of service (hard drive ...
CVE-2005-0953Race condition in bzip2 1.0.2 and earlier allows local users to modify ...
CVE-2005-0758zgrep in gzip before 1.3.5 does not properly sanitize arguments, which ...

Security announcements

DSA / DLADescription
DLA-1833-2bzip2 - regression update
DLA-1833-1bzip2 - security update
DSA-2112-1bzip2 - integer overflow
DSA-741-1bzip2 - infinite loop
DSA-730-1bzip2 - race condition

Search for package or bug name: Reporting problems