[ubuntu/lucid-security] bzip2, bzip2 (delayed) 1.0.5-4ubuntu0.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Mon Sep 20 14:04:34 BST 2010 

bzip2 (1.0.5-4ubuntu0.1) lucid-security; urgency=low

  * SECURITY UPDATE: fix integer overflow in BZ2_decompress()
    - decompress.c: return error if N is larger than 2*1024^2 which keeps es
      from overflowing but leaves enough room for the 900k maximum value of
      the RUNA/RUNB encoding
    - patch from upstream
    - CVE-2010-0405

Date: Thu, 09 Sep 2010 10:15:30 -0500
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/bzip2/1.0.5-4ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Thu, 09 Sep 2010 10:15:30 -0500
Source: bzip2
Binary: libbz2-1.0 libbz2-dev bzip2 lib64bz2-1.0 lib64bz2-dev lib32bz2-1.0 lib32bz2-dev bzip2-doc
Architecture: source
Version: 1.0.5-4ubuntu0.1
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 bzip2      - high-quality block-sorting file compressor - utilities
 bzip2-doc  - high-quality block-sorting file compressor - documentation
 lib32bz2-1.0 - high-quality block-sorting file compressor library - 32bit runtim
 lib32bz2-dev - high-quality block-sorting file compressor library - 32bit develo
 lib64bz2-1.0 - high-quality block-sorting file compressor library - 64bit runtim
 lib64bz2-dev - high-quality block-sorting file compressor library - 64bit develo
 libbz2-1.0 - high-quality block-sorting file compressor library - runtime
 libbz2-dev - high-quality block-sorting file compressor library - development
Changes: 
 bzip2 (1.0.5-4ubuntu0.1) lucid-security; urgency=low
 .
   * SECURITY UPDATE: fix integer overflow in BZ2_decompress()
     - decompress.c: return error if N is larger than 2*1024^2 which keeps es
       from overflowing but leaves enough room for the 900k maximum value of
       the RUNA/RUNB encoding
     - patch from upstream
     - CVE-2010-0405
Checksums-Sha1: 
 422fc0878a89a3aea8102e2cbcf6f25448342daf 1543 bzip2_1.0.5-4ubuntu0.1.dsc
 9386f98e9dbda682edd4dbd924e8d0b038e6f394 76618 bzip2_1.0.5-4ubuntu0.1.diff.gz
Checksums-Sha256: 
 7048a670b0e5232cb497e55442e2fe3b936f61c7653229366f4ca8390295f3b9 1543 bzip2_1.0.5-4ubuntu0.1.dsc
 da4c35f804500b7410a7a8b3b0b5bf654eb3ee9e487de5453533e23bfec5fff3 76618 bzip2_1.0.5-4ubuntu0.1.diff.gz
Files: 
 727b00c4e6511cfe499cf9b1ab2aa79b 1543 utils important bzip2_1.0.5-4ubuntu0.1.dsc
 9a38471b12c569523c34080d1210fb09 76618 utils important bzip2_1.0.5-4ubuntu0.1.diff.gz
Original-Maintainer: Anibal Monsalve Salazar <anibal at debian.org>

More information about the Lucid-changes mailing list