Oval Definition:oval:com.redhat.rhsa:def:20100703
Revision Date:2010-09-21Version:639
Title:RHSA-2010:0703: bzip2 security update (Important)
Description:bzip2 is a freely available, high-quality data compressor. It provides both standalone compression and decompression utilities, as well as a shared library for use with other programs.

  • An integer overflow flaw was discovered in the bzip2 decompression routine. This issue could, when decompressing malformed archives, cause bzip2, or an application linked against the libbz2 library, to crash or, potentially, execute arbitrary code. (CVE-2010-0405)

    Users of bzip2 should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running applications using the libbz2 library must be restarted for the update to take effect.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2010-0405
    RHSA-2010:0703
    RHSA-2010:0703-01
    RHSA-2010:0703-01
    Platform(s):Red Hat Enterprise Linux 3
    Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • bzip2 is earlier than 0:1.0.2-14.EL3
  • AND bzip2 is signed with Red Hat master key
  • bzip2-libs is earlier than 0:1.0.2-14.EL3
  • AND bzip2-libs is signed with Red Hat master key
  • bzip2-devel is earlier than 0:1.0.2-14.EL3
  • AND bzip2-devel is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • bzip2-devel is earlier than 0:1.0.2-16.el4_8
  • AND bzip2-devel is signed with Red Hat master key
  • bzip2-libs is earlier than 0:1.0.2-16.el4_8
  • AND bzip2-libs is signed with Red Hat master key
  • bzip2 is earlier than 0:1.0.2-16.el4_8
  • AND bzip2 is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • bzip2-libs is earlier than 0:1.0.3-6.el5_5
  • AND bzip2-libs is signed with Red Hat redhatrelease key
  • bzip2-devel is earlier than 0:1.0.3-6.el5_5
  • AND bzip2-devel is signed with Red Hat redhatrelease key
  • bzip2 is earlier than 0:1.0.3-6.el5_5
  • AND bzip2 is signed with Red Hat redhatrelease key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • bzip2 is earlier than 0:1.0.2-16.el4_8
  • AND bzip2 is signed with Red Hat redhatrelease2 key
  • bzip2-devel is earlier than 0:1.0.2-16.el4_8
  • AND bzip2-devel is signed with Red Hat redhatrelease2 key
  • bzip2-libs is earlier than 0:1.0.2-16.el4_8
  • AND bzip2-libs is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • bzip2 is earlier than 0:1.0.3-6.el5_5
  • AND bzip2 is signed with Red Hat redhatrelease2 key
  • bzip2-devel is earlier than 0:1.0.3-6.el5_5
  • AND bzip2-devel is signed with Red Hat redhatrelease2 key
  • bzip2-libs is earlier than 0:1.0.3-6.el5_5
  • AND bzip2-libs is signed with Red Hat redhatrelease2 key
    • BACK