Users of bzip2 bzip2-extras please be advised of an integer overflow vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
rPSA-2010-0058-1: [rPSA-2010-0058-1] bzip2 bzip2-extras integer overflow vulnerability
Products:
rPath Appliance Platform Linux Service 2
rPath Linux 2
Description:
Previous releases of bzip2 were vulnerable to an integer overflow
in the BZ2_decompress function, which could allow arbitrary
code execution via a crafted bzipped file. This has been fixed.
Read more at www.criticalwatch.com
See this Amp at http://amplify.com/u/dk1h
No comments:
Post a Comment