Confirmed - same behaviour here (Debian 6.0.3, amd64, bzip2 1.0.5-6).
A - rough and hastily done - proof of concept exploiting the vulnerability: http://pastebin.com/FaaEsXRW
I can confirm that using the -T flag fixes this.Note that the security impact is probably quite low, as bzexe seems to be rarely used.
-- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
