[Full-disclosure] rPSA-2008-0118-1 bzip2
rPath Update Announcements
announce-noreply at rpath.com
Fri Mar 21 22:50:37 GMT 2008
rPath Security Advisory: 2008-0118-1
rPath Linux 1
rPath Appliance Platform Linux Service 1
Exposure Level Classification:
Indirect Deterministic Denial of Service
bzip2=conary.rpath.com at rpl:1/1.0.4-1.1-1
rPath Issue Tracking System:
Previous versions of the bzip2 package are vulnerable to a Denial
of Service in which an attacker can provide a malformed archive
file that will cause applications such as bunzip2 reading the file
to crash. It has not been determined that this vulnerability can
be exploited to execute malicious code.
Copyright 2008 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html
Full-Disclosure is hosted and sponsored by Secunia.