Vulnerability Name:

CVE-2008-1372 (CCN-41249)

Assigned:2008-03-18
Published:2008-03-18
Updated:2018-10-11
Summary:bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: NETBSD
Type: UNKNOWN
NetBSD-SA2008-004

Source: CCN
Type: bzip Web site
bzip2 and libbzip2

Source: MITRE
Type: CNA
CVE-2008-1372

Source: CONFIRM
Type: UNKNOWN
http://kb.vmware.com/kb/1006982

Source: CONFIRM
Type: UNKNOWN
http://kb.vmware.com/kb/1007198

Source: CONFIRM
Type: UNKNOWN
http://kb.vmware.com/kb/1007504

Source: APPLE
Type: UNKNOWN
APPLE-SA-2009-08-05-1

Source: SUSE
Type: UNKNOWN
SUSE-SR:2008:011

Source: CCN
Type: RHSA-2008-0893
Moderate: bzip2 security update

Source: CCN
Type: SA29410
bzip2 Denial of Service Vulnerability

Source: SECUNIA
Type: UNKNOWN
29410

Source: SECUNIA
Type: UNKNOWN
29475

Source: SECUNIA
Type: UNKNOWN
29497

Source: SECUNIA
Type: UNKNOWN
29506

Source: SECUNIA
Type: UNKNOWN
29656

Source: SECUNIA
Type: UNKNOWN
29677

Source: SECUNIA
Type: UNKNOWN
29698

Source: SECUNIA
Type: UNKNOWN
29940

Source: SECUNIA
Type: UNKNOWN
31204

Source: SECUNIA
Type: UNKNOWN
31869

Source: SECUNIA
Type: UNKNOWN
31878

Source: CCN
Type: SA36096
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
36096

Source: GENTOO
Type: UNKNOWN
GLSA-200903-40

Source: CCN
Type: SECTRACK ID: 1020867
Bzip2 Bug Lets Remote Users Deny Service

Source: SUNALERT
Type: UNKNOWN
241786

Source: CCN
Type: Sun Alert ID: 241786
A Security Vulnerability in the bzip2(1) command may lead to a Denial of Service (DoS)

Source: CCN
Type: Apple Web site
About Security Update 2009-003

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT3757

Source: CCN
Type: ASA-2008-404
bzip2 security update (RHSA-2008-0893)

Source: CONFIRM
Type: UNKNOWN
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0118

Source: CONFIRM
Type: UNKNOWN
http://www.bzip.org/CHANGES

Source: MISC
Type: UNKNOWN
http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html

Source: MISC
Type: UNKNOWN
http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/

Source: CCN
Type: GLSA-200804-02
bzip2: Denial of Service

Source: GENTOO
Type: UNKNOWN
GLSA-200804-02

Source: CCN
Type: GLSA-200903-40
Analog: Denial of Service

Source: CONFIRM
Type: UNKNOWN
http://www.ipcop.org/index.php?name=News&file=article&sid=40

Source: CERT-VN
Type: US Government Resource
VU#813451

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:075

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0893

Source: BUGTRAQ
Type: UNKNOWN
20080321 rPSA-2008-0118-1 bzip2

Source: BUGTRAQ
Type: UNKNOWN
20081203 VMSA-2008-0019 VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2

Source: BID
Type: Exploit
28286

Source: CCN
Type: BID-28286
bzip2 Unspecified File Handling Vulnerability

Source: SECTRACK
Type: UNKNOWN
1020867

Source: SLACKWARE
Type: UNKNOWN
SSA:2008-098-02

Source: CCN
Type: USN-590-1
bzip2 vulnerability

Source: CERT
Type: US Government Resource
TA09-218A

Source: VUPEN
Type: UNKNOWN
ADV-2008-0915

Source: VUPEN
Type: UNKNOWN
ADV-2008-2557

Source: VUPEN
Type: UNKNOWN
ADV-2009-2172

Source: CONFIRM
Type: UNKNOWN
https://bugs.gentoo.org/attachment.cgi?id=146488&action=view

Source: XF
Type: UNKNOWN
bzip2-archives-code-execution(41249)

Source: XF
Type: UNKNOWN
bzip2-archives-code-execution(41249)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10067

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:6467

Source: UBUNTU
Type: UNKNOWN
USN-590-1

Source: CCN
Type: CERT-FI: 20469
CERT-FI and CPNI Joint Vulnerability Advisory on Archive Formats

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-2970

Source: FEDORA
Type: UNKNOWN
FEDORA-2008-3037

Source: SUSE
Type: SUSE-SR:2008:011
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:bzip:bzip2:0.9:*:*:*:*:*:*:*
  • OR cpe:/a:bzip:bzip2:0.9.5a:*:*:*:*:*:*:*
  • OR cpe:/a:bzip:bzip2:0.9.5b:*:*:*:*:*:*:*
  • OR cpe:/a:bzip:bzip2:0.9.5c:*:*:*:*:*:*:*
  • OR cpe:/a:bzip:bzip2:0.9.5d:*:*:*:*:*:*:*
  • OR cpe:/a:bzip:bzip2:0.9_a:*:*:*:*:*:*:*
  • OR cpe:/a:bzip:bzip2:0.9_b:*:*:*:*:*:*:*
  • OR cpe:/a:bzip:bzip2:0.9_c:*:*:*:*:*:*:*
  • OR cpe:/a:bzip:bzip2:1.0:*:*:*:*:*:*:*
  • OR cpe:/a:bzip:bzip2:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:bzip:bzip2:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:bzip:bzip2:1.0.3:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*
  • AND
  • cpe:/o:sun:solaris:8::x86:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:sun:solaris:8::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::x86:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::sparc:*:*:*:*:*
  • OR cpe:/o:sun:solaris:10::x86:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06::lts:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0::x86-64:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.04:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:7.10:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2007.1::x86-64:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
  • OR cpe:/o:sun:solaris:9::sparc:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.4:*:*:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_01::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_88::x86:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_01::sparc:*:*:*:*:*
  • OR cpe:/o:sun:opensolaris:build_snv_88::sparc:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.7:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20081372
    V
    		CVE-2008-1372
    2022-06-30
    oval:org.opensuse.security:def:42279
    P
    		Security update for ldb (Low)
    2022-05-09
    oval:org.opensuse.security:def:112034
    P
    		bzip2-1.0.8-3.2 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:26222
    P
    		Security update for virglrenderer (Important) (in QA)
    2022-01-17
    oval:org.opensuse.security:def:31753
    P
    		Security update for net-snmp (Important)
    2022-01-05
    oval:org.opensuse.security:def:31750
    P
    		Security update for java-1_7_1-ibm (Moderate) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:33059
    P
    		Security update for openssh (Important)
    2021-12-06
    oval:org.opensuse.security:def:31711
    P
    		Security update for ruby2.1 (Important)
    2021-12-01
    oval:org.opensuse.security:def:32228
    P
    		Security update for java-1_7_0-openjdk (Important)
    2021-11-24
    oval:org.opensuse.security:def:31706
    P
    		Security update for postgresql96 (Important)
    2021-11-22
    oval:org.opensuse.security:def:31306
    P
    		Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)
    2021-11-19
    oval:org.opensuse.security:def:26154
    P
    		Security update for ncurses (Moderate)
    2021-10-20
    oval:org.opensuse.security:def:33020
    P
    		Security update for python36 (Moderate)
    2021-10-09
    oval:org.opensuse.security:def:26140
    P
    		Security update for glibc (Moderate)
    2021-10-06
    oval:org.opensuse.security:def:105589
    P
    		bzip2-1.0.8-3.2 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:32172
    P
    		Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)
    2021-08-25
    oval:org.opensuse.security:def:26101
    P
    		Security update for php74 (Important)
    2021-08-06
    oval:org.opensuse.security:def:31662
    P
    		Security update for libsndfile (Critical)
    2021-08-05
    oval:org.opensuse.security:def:32159
    P
    		Security update for webkit2gtk3 (Important)
    2021-08-03
    oval:org.opensuse.security:def:31229
    P
    		Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)
    2021-07-21
    oval:org.opensuse.security:def:31214
    P
    		Security update for libgcrypt (Important)
    2021-06-24
    oval:org.opensuse.security:def:31648
    P
    		Security update for openexr (Important)
    2021-06-24
    oval:org.opensuse.security:def:26071
    P
    		Security update for the Linux Kernel (Important)
    2021-06-09
    oval:org.opensuse.security:def:36096
    P
    		bzip2-1.0.5-34.253.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36438
    P
    		libbz2-devel-1.0.5-34.253.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42503
    P
    		bzip2-1.0.5-34.253.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:32115
    P
    		Security update for spice (Important)
    2021-06-08
    oval:org.opensuse.security:def:42082
    P
    		Security update for python-py (Moderate)
    2021-06-04
    oval:org.opensuse.security:def:26063
    P
    		Security update for dhcp (Important)
    2021-06-01
    oval:org.opensuse.security:def:32093
    P
    		Security update for djvulibre (Important)
    2021-05-19
    oval:org.opensuse.security:def:26052
    P
    		Security update for graphviz (Critical)
    2021-05-19
    oval:org.opensuse.security:def:31155
    P
    		Security update for MozillaFirefox (Important)
    2021-04-27
    oval:org.opensuse.security:def:31606
    P
    		Security update for clamav (Important)
    2021-04-14
    oval:org.opensuse.security:def:31144
    P
    		Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)
    2021-04-07
    oval:org.opensuse.security:def:31143
    P
    		Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)
    2021-04-07
    oval:org.opensuse.security:def:32277
    P
    		Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)
    2021-03-17
    oval:org.opensuse.security:def:31363
    P
    		Security update for the Linux Kernel (Live Patch 33 for SLE 12 SP3) (Important)
    2021-03-17
    oval:org.opensuse.security:def:31361
    P
    		Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)
    2021-03-17
    oval:org.opensuse.security:def:31351
    P
    		Security update for grub2 (Important)
    2021-03-02
    oval:org.opensuse.security:def:26198
    P
    		Security update for avahi (Moderate)
    2021-02-23
    oval:org.opensuse.security:def:26191
    P
    		Security update for jasper (Important)
    2021-02-16
    oval:org.opensuse.security:def:31340
    P
    		Security update for wpa_supplicant (Important)
    2021-02-15
    oval:org.opensuse.security:def:31339
    P
    		Security update for the Linux Kernel (Important)
    2021-02-12
    oval:org.opensuse.security:def:31649
    P
    		Security update for postgresql, postgresql12, postgresql13 (Important)
    2021-01-26
    oval:org.opensuse.security:def:32836
    P
    		Security update for PackageKit (Low)
    2020-12-22
    oval:org.opensuse.security:def:32016
    P
    		Security update for python (Important)
    2020-12-11
    oval:org.opensuse.security:def:32005
    P
    		Security update for xen (Important)
    2020-12-07
    oval:org.opensuse.security:def:31562
    P
    		Security update for xen (Important)
    2020-12-07
    oval:org.opensuse.security:def:31563
    P
    		Security update for mutt (Important)
    2020-12-07
    oval:org.opensuse.security:def:31082
    P
    		Security update for gdm (Important)
    2020-12-03
    oval:org.opensuse.security:def:35872
    P
    		bzip2-1.0.5-34.253.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35528
    P
    		bzip2-1.0.5-34.246 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35675
    P
    		bzip2-1.0.5-34.253.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:41935
    P
    		bzip2-1.0.5-34.246 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:31557
    P
    		Security update for python-setuptools (Important)
    2020-12-02
    oval:org.opensuse.security:def:30997
    P
    		Security update for jasper (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25511
    P
    		Security update for ant (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26719
    P
    		ipsec-tools on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25849
    P
    		Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:25656
    P
    		Security update for spice-gtk (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31897
    P
    		Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:26871
    P
    		bzip2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25079
    P
    		Security update for java-1_7_0-openjdk (Important)
    2020-12-01
    oval:org.opensuse.security:def:25848
    P
    		Security update for flex, at, bogofilter, cyrus-imapd, kdelibs4, libQtWebKit4, libbonobo, mdbtools, netpbm, openslp, sgmltool, virtuoso, libqt5-qtwebkit (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27401
    P
    		flac-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26329
    P
    		Security update for znc (Low)
    2020-12-01
    oval:org.opensuse.security:def:25905
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:31963
    P
    		Security update for icu (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25091
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26275
    P
    		Security update for freerdp (Important)
    2020-12-01
    oval:org.opensuse.security:def:32338
    P
    		Security update for sblim-sfcb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25423
    P
    		Security update for mariadb (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25958
    P
    		Security update for libwpd (Important)
    2020-12-01
    oval:org.opensuse.security:def:32640
    P
    		bzip2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25987
    P
    		Security update for the Linux Kernel (Critical)
    2020-12-01
    oval:org.opensuse.security:def:25283
    P
    		Security update for SUSE Manager Client Tools (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31597
    P
    		Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26363
    P
    		Security update for libgit2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25498
    P
    		Security update for icu (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31929
    P
    		Security update for glib2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26640
    P
    		sudo on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25999
    P
    		Security update for zziplib (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25421
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:26421
    P
    		Security update for hdf5 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25707
    P
    		Security update for java-1_7_1-ibm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25709
    P
    		Security update for java-1_8_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:31772
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:25803
    P
    		Security update for flash-player (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27094
    P
    		bzip2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25226
    P
    		Security update for e2fsprogs (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25797
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:32454
    P
    		Security update for xorg-x11-libICE (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31574
    P
    		Security update for strongswan (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25238
    P
    		Security update for ppp (Important)
    2020-12-01
    oval:org.opensuse.security:def:31453
    P
    		Security update for postgresql10 (Low)
    2020-12-01
    oval:org.opensuse.security:def:26617
    P
    		nagios on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25855
    P
    		Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:25646
    P
    		Security update for tomcat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31780
    P
    		Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (Important)
    2020-12-01
    oval:org.opensuse.security:def:30996
    P
    		Security update for jasper (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25430
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:31793
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26705
    P
    		gd on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26528
    P
    		bzip2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25721
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:25505
    P
    		Security update for python-PyYAML (Important)
    2020-12-01
    oval:org.opensuse.security:def:31858
    P
    		Security update for cups (Important)
    2020-12-01
    oval:org.opensuse.security:def:26836
    P
    		unzip on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31008
    P
    		Security update for java-1_6_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:25568
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26763
    P
    		libqt4-sql-mysql on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25930
    P
    		Security update for ImageMagick (Important)
    2020-12-01
    oval:org.opensuse.security:def:25856
    P
    		Security update for gd (Important)
    2020-12-01
    oval:org.opensuse.security:def:31919
    P
    		Security update for ghostscript-library (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25080
    P
    		Security update for libxml2 (Low)
    2020-12-01
    oval:org.opensuse.security:def:32316
    P
    		Security update for rsync (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27436
    P
    		libbz2-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25422
    P
    		Security update for postgresql10 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31425
    P
    		Security update for php53 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26413
    P
    		Security update for go1.8 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25944
    P
    		Security update for libplist (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32601
    P
    		rsync on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25155
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:31510
    P
    		Security update for libX11 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26324
    P
    		Security update for MozillaThunderbird (Important)
    2020-12-01
    oval:org.opensuse.security:def:32382
    P
    		Security update for tiff (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25434
    P
    		Security update for dovecot22 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26002
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25988
    P
    		Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25364
    P
    		Security update for webkit2gtk3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31949
    P
    		Security update for grub2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26377
    P
    		Security update for kauth, kdelibs4 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25626
    P
    		Security update for libqt5-qtbase (Important)
    2020-12-01
    oval:org.opensuse.security:def:26675
    P
    		bzip2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25652
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:32054
    P
    		Security update for kvm (Important)
    2020-12-01
    oval:org.opensuse.security:def:27059
    P
    		xorg-x11-Xvnc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25764
    P
    		Security update for webkitgtk (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25758
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:31816
    P
    		Security update for apport (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26272
    P
    		Security update for openexr (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25227
    P
    		Security update for wicked (Important)
    2020-12-01
    oval:org.opensuse.security:def:26564
    P
    		gzip on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25811
    P
    		Security update for libvirt (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32493
    P
    		bzip2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25645
    P
    		Security update for the Linux Kernel (Critical)
    2020-12-01
    oval:org.opensuse.security:def:31450
    P
    		Security update for postgresql10 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32797
    P
    		tftp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25302
    P
    		Security update for xorg-x11-server (Important)
    2020-12-01
    oval:org.opensuse.security:def:26666
    P
    		amavisd-new on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26493
    P
    		Security update for phpMyAdmin (Important)
    2020-12-01
    oval:org.opensuse.security:def:25657
    P
    		Security update for graphviz (Low)
    2020-12-01
    oval:org.opensuse.security:def:31872
    P
    		Security update for curl (Important)
    2020-12-01
    oval:org.opensuse.security:def:31809
    P
    		Security update for apache2 (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:29039
    P
    		RHSA-2008:0893 -- bzip2 security update (Moderate)
    2015-08-17
    oval:org.mitre.oval:def:17754
    P
    		USN-590-1 -- bzip2 vulnerability
    2014-06-30
    oval:org.mitre.oval:def:22240
    P
    		ELSA-2008:0893: bzip2 security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:10067
    V
    		bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
    2013-04-29
    oval:org.mitre.oval:def:6467
    V
    		Bzip2 Bug Lets Remote Users Deny Service
    2010-05-17
    oval:com.redhat.rhsa:def:20080893
    P
    		RHSA-2008:0893: bzip2 security update (Moderate)
    2008-09-16
    BACK
    bzip bzip2 0.9
    bzip bzip2 0.9.5a
    bzip bzip2 0.9.5b
    bzip bzip2 0.9.5c
    bzip bzip2 0.9.5d
    bzip bzip2 0.9_a
    bzip bzip2 0.9_b
    bzip bzip2 0.9_c
    bzip bzip2 1.0
    bzip bzip2 1.0.1
    bzip bzip2 1.0.2
    bzip bzip2 1.0.3
    apple mac os x 10.5.6
    sun solaris 8
    gentoo linux *
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    sun solaris 8
    sun solaris 9
    redhat enterprise linux 3
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    mandrakesoft mandrake multi network firewall 2.0
    sun solaris 10
    sun solaris 10
    redhat linux advanced workstation 2.1
    canonical ubuntu 6.06
    mandrakesoft mandrake linux 2007
    mandrakesoft mandrake linux 2007
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2007.1
    mandrakesoft mandrake linux 2008.0
    canonical ubuntu 7.04
    redhat enterprise linux 5
    canonical ubuntu 7.10
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2007.1
    apple mac os x 10.4.11
    apple mac os x 10.5.1
    apple mac os x server 10.4.11
    apple mac os x server 10.5.1
    apple mac os x 10.5.2
    apple mac os x server 10.5.2
    apple mac os x server 10.5.3
    apple mac os x 10.5.3
    sun solaris 9
    apple mac os x 10.5.4
    apple mac os x server 10.5.4
    sun opensolaris build_snv_01
    sun opensolaris build_snv_88
    sun opensolaris build_snv_01
    sun opensolaris build_snv_88
    apple mac os x 10.5.5
    apple mac os x server 10.5.5
    apple mac os x server 10.5.6
    apple mac os x 10.5.0
    apple mac os x server 10.5.0
    apple mac os x 10.5.7
    apple mac os x server 10.5.7