4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.086 Low
EPSS
Percentile
93.8%
Bzip2 is a freely available, high-quality data compressor. It provides both
stand-alone compression and decompression utilities, as well as a shared
library for use with other programs.
A buffer over-read flaw was discovered in the bzip2 decompression routine.
This issue could cause an application linked against the libbz2 library to
crash when decompressing malformed archives. (CVE-2008-1372)
Users of bzip2 should upgrade to these updated packages, which contain a
backported patch to resolve this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | bzip2-libs | < 1.0.1-5.EL2.1 | bzip2-libs-1.0.1-5.EL2.1.ia64.rpm |
RedHat | any | s390 | bzip2-devel | < 1.0.2-12.EL3 | bzip2-devel-1.0.2-12.EL3.s390.rpm |
RedHat | 4 | s390x | bzip2-devel | < 1.0.2-14.el4_7 | bzip2-devel-1.0.2-14.el4_7.s390x.rpm |
RedHat | 5 | x86_64 | bzip2-libs | < 1.0.3-4.el5_2 | bzip2-libs-1.0.3-4.el5_2.x86_64.rpm |
RedHat | any | i386 | bzip2-libs | < 1.0.2-12.EL3 | bzip2-libs-1.0.2-12.EL3.i386.rpm |
RedHat | any | ppc | bzip2-libs | < 1.0.2-12.EL3 | bzip2-libs-1.0.2-12.EL3.ppc.rpm |
RedHat | 4 | ppc64 | bzip2-libs | < 1.0.2-14.el4_7 | bzip2-libs-1.0.2-14.el4_7.ppc64.rpm |
RedHat | 5 | s390x | bzip2 | < 1.0.3-4.el5_2 | bzip2-1.0.3-4.el5_2.s390x.rpm |
RedHat | any | ia64 | bzip2 | < 1.0.2-12.EL3 | bzip2-1.0.2-12.EL3.ia64.rpm |
RedHat | 5 | x86_64 | bzip2-devel | < 1.0.3-4.el5_2 | bzip2-devel-1.0.3-4.el5_2.x86_64.rpm |