CLSA-2026-1776956583

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2026-1776956583.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1776956583
Upstream
Published
2026-04-25T08:42:48Z
Modified
2026-06-01T00:33:18.431499150Z
Summary
bzip2: Fix of 2 CVEs
Details
  • CVE-2019-12900: fix out-of-bounds write in BZ2_decompress when many selectors are present
  • CVE-2016-3189: fix use-after-free in bzip2recover
References

Affected packages

TuxCare:CentOS:7 / bzip2

Package

Name
bzip2
Purl
pkg:rpm/tuxcare/bzip2?distro=centos-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.6-13.el7.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2026-1776956583.json"

TuxCare:CentOS:7 / bzip2-devel

Package

Name
bzip2-devel
Purl
pkg:rpm/tuxcare/bzip2-devel?distro=centos-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.6-13.el7.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2026-1776956583.json"

TuxCare:CentOS:7 / bzip2-libs

Package

Name
bzip2-libs
Purl
pkg:rpm/tuxcare/bzip2-libs?distro=centos-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.6-13.el7.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2026-1776956583.json"