USN-4038-4
- Source
- https://ubuntu.com/security/notices/USN-4038-4
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4038-4.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-4038-4
- Related
- Published
- 2019-07-04T15:48:25.645766Z
- Modified
- 2019-07-04T15:48:25.645766Z
- Summary
- bzip2 regression
- Details
-
USN-4038-1 fixed a vulnerability in bzip2. The update introduced a regression causing bzip2 to incorrect raises CRC errors for some files. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM.
We apologize for the inconvenience.
Original advisory details:
It was discovered that bzip2 incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.
- References
Affected packages
Ubuntu:14.04:LTS / bzip2
Package
- Name
- bzip2
- Purl
- pkg:deb/ubuntu/bzip2?arch=src?distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.0.6-5ubuntu0.1~esm2
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "1.0.6-5ubuntu0.1~esm2",
"binary_name": "bzip2"
},
{
"binary_version": "1.0.6-5ubuntu0.1~esm2",
"binary_name": "bzip2-doc"
},
{
"binary_version": "1.0.6-5ubuntu0.1~esm2",
"binary_name": "lib32bz2-1.0"
},
{
"binary_version": "1.0.6-5ubuntu0.1~esm2",
"binary_name": "lib32bz2-dev"
},
{
"binary_version": "1.0.6-5ubuntu0.1~esm2",
"binary_name": "lib64bz2-1.0"
},
{
"binary_version": "1.0.6-5ubuntu0.1~esm2",
"binary_name": "libbz2-dev"
},
{
"binary_version": "1.0.6-5ubuntu0.1~esm2",
"binary_name": "lib64bz2-dev"
},
{
"binary_version": "1.0.6-5ubuntu0.1~esm2",
"binary_name": "libbz2-1.0"
}
]
}