OmniOS Community Edition has updated the bzip2 Package for r151022 and bloody to fix CVE-2016-3189
A remote user can create a specially crafted bzip2 file that, when processed for recovery by the target application, will trigger a use-after-free memory error in bzip2recover and cause the target application to crash. This release does NOT require a reboot. -- Tobi Oetiker, OETIKER+PARTNER AG, Aarweg 15 CH-4600 Olten, Switzerland www.oetiker.ch t...@oetiker.ch +41 62 775 9902
_______________________________________________ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
