| Description: | Updated bzip2 packages that fix a security issue are now available for RedHat Enterprise Linux 2.1, 3, 4, and 5.This update has been rated as having moderate security impact by the RedHat Security Response Team.Bzip2 is a freely available, high-quality data compressor. It provides bothstand-alone compression and decompression utilities, as well as a sharedlibrary for use with other programs.A buffer over-read flaw was discovered in the bzip2 decompression routine.This issue could cause an application linked against the libbz2 library tocrash when decompressing malformed archives. (CVE-2008-1372)Users of bzip2 should upgrade to these updated packages, which contain abackported patch to resolve this issue. |