*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Marc Deslauriers (mdeslaur):
Binary package hint: bzip2 bzip2 needs security update, as per Slackware update: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405 http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.600240 Here are the details from the Slackware 13.1 ChangeLog: +--------------------------+ patches/packages/bzip2-1.0.6-i486-1_slack13.1.txz: Upgraded. This update fixes an integer overflow that could allow a specially crafted bzip2 archive to cause a crash (denial of service), or execute arbitrary code. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405 (* Security fix *) ProblemType: Bug DistroRelease: Ubuntu 10.04 Package: bzip2 1.0.5-4ubuntu0.1 ProcVersionSignature: Ubuntu 2.6.32-24.43-generic 2.6.32.15+drm33.5 Uname: Linux 2.6.32-24-generic x86_64 Architecture: amd64 Date: Wed Sep 22 15:19:46 2010 EcryptfsInUse: Yes InstallationMedia: Xubuntu 10.04 LTS "Lucid Lynx" - Release amd64 (20100427.1) ProcEnviron: LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: bzip2 ** Affects: bzip2 (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug lucid -- bzip2 needs security update https://bugs.edge.launchpad.net/bugs/645226 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
