Paketname
bzip2
Datum
2010-09-20
Advisory ID
MDVSA-2010:185
Betroffene Versionen
2009.0 x86_64 , MES5 i586 , 2010.1 i586 , 2010.0 x86_64 , 2010.0 i586 , 2009.1 i586 , 2009.0 i586 , CS4.0 i586 , 2008.0 x86_64 , CS4.0 x86_64 , 2008.0 i586 , 2009.1 x86_64 , MES5 x86_64 , 2010.1 x86_64

Problembeschreibung

An integer overflow has been found and corrected in bzip2 which could
be exploited by using a specially crafted bz2 file and cause a denial
of service attack (CVE-2010-0405).

Additionally clamav has been upgraded to 0.96.2 and has been patched
for this issue. perl-Compress-Bzip2 in MES5 has been linked against
the system bzip2 library to resolv this issue.

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.

Aktualisierte Pakete

2009.0 x86_64

 9600b4ede2067eab744853e2ca8b0659  2009.0/x86_64/bzip2-1.0.5-3.1mdv2009.0.x86_64.rpm
 4f231995c4926085bfb4ea5996799ea2  2009.0/x86_64/clamav-0.96.2-0.1mdv2009.0.x86_64.rpm
 e1b45400f643ec8ec303922546920f5b  2009.0/x86_64/clamav-db-0.96.2-0.1mdv2009.0.x86_64.rpm
 3efc9367300fd41627c575ec228d0a92  2009.0/x86_64/clamav-milter-0.96.2-0.1mdv2009.0.x86_64.rpm
 bf872e312a88cd8305fbea9c19d98ea4  2009.0/x86_64/clamd-0.96.2-0.1mdv2009.0.x86_64.rpm
 69b4a223134c00102eb40856a4677062  2009.0/x86_64/lib64bzip2_1-1.0.5-3.1mdv2009.0.x86_64.rpm
 adf80fee100128e0bef393b905b23284  2009.0/x86_64/lib64bzip2-devel-1.0.5-3.1mdv2009.0.x86_64.rpm
 3b0bb3ba3037ab3dfe6d0456e5972742  2009.0/x86_64/lib64clamav6-0.96.2-0.1mdv2009.0.x86_64.rpm
 37376f851e9a9403268f4097e79a6a0e  2009.0/x86_64/lib64clamav-devel-0.96.2-0.1mdv2009.0.x86_64.rpm 
 9ed76151adc2caca3fd032e6f79af616  2009.0/SRPMS/bzip2-1.0.5-3.1mdv2009.0.src.rpm
 dd04096ea413293b2750911ae595d92e  2009.0/SRPMS/clamav-0.96.2-0.1mdv2009.0.src.rpm

MES5 i586

 d827d299d5a4205bdc0faceb6b2d7f34  mes5/i586/bzip2-1.0.5-3.1mdvmes5.1.i586.rpm
 1c83dd65b90f0d488a7fb19dc5db8b66  mes5/i586/clamav-0.96.2-0.1mdvmes5.1.i586.rpm
 a9ad04b15a2556a6408d727121e7ec62  mes5/i586/clamav-db-0.96.2-0.1mdvmes5.1.i586.rpm
 da5eae6ba6b44f5716f31b989bf2799d  mes5/i586/clamav-milter-0.96.2-0.1mdvmes5.1.i586.rpm
 a8614740ba8707eceb0687ef6852620a  mes5/i586/clamd-0.96.2-0.1mdvmes5.1.i586.rpm
 ced60348c12f4615cfbbebb928edf7cf  mes5/i586/libbzip2_1-1.0.5-3.1mdvmes5.1.i586.rpm
 3a35bf17183e938449aa73dabc5320cb  mes5/i586/libbzip2-devel-1.0.5-3.1mdvmes5.1.i586.rpm
 ff58293b747aac4e574b249d78e60d69  mes5/i586/libclamav6-0.96.2-0.1mdvmes5.1.i586.rpm
 407eb98f3a0b43f444ef6d58c3724978  mes5/i586/libclamav-devel-0.96.2-0.1mdvmes5.1.i586.rpm
 8e7a6c673b50b8cf565db9c425e614f4  mes5/i586/perl-Compress-Bzip2-2.09-6.1mdvmes5.1.i586.rpm 
 3962dda9b4bfca75ce205e09da56daec  mes5/SRPMS/bzip2-1.0.5-3.1mdvmes5.1.src.rpm
 4c284198a38a800bde7d111ba7986750  mes5/SRPMS/clamav-0.96.2-0.1mdvmes5.1.src.rpm
 d48ef5d54841f35312a852f00b94dd04  mes5/SRPMS/perl-Compress-Bzip2-2.09-6.1mdvmes5.1.src.rpm

2010.1 i586

 99c50a7ded69e267182dd52fe92f1283  2010.1/i586/bzip2-1.0.5-7.1mdv2010.1.i586.rpm
 314e947ffbf24717b15ddc603d5388c5  2010.1/i586/libbzip2_1-1.0.5-7.1mdv2010.1.i586.rpm
 ac1d6098d1da019e890754ea6cc345d8  2010.1/i586/libbzip2-devel-1.0.5-7.1mdv2010.1.i586.rpm 
 693436a36b7d0c172b5cee2fb56a707c  2010.1/SRPMS/bzip2-1.0.5-7.1mdv2010.1.src.rpm

2010.0 x86_64

 91e8c91b5cf57604923a5fb0cb4e67fd  2010.0/x86_64/bzip2-1.0.5-6.1mdv2010.0.x86_64.rpm
 bd86abbb47f2c2547f057be43befcac9  2010.0/x86_64/lib64bzip2_1-1.0.5-6.1mdv2010.0.x86_64.rpm
 1e0f8c2fe423d6dd6624a71e7fc47922  2010.0/x86_64/lib64bzip2-devel-1.0.5-6.1mdv2010.0.x86_64.rpm 
 045fc708dce0b8c053499d4f60c5d665  2010.0/SRPMS/bzip2-1.0.5-6.1mdv2010.0.src.rpm

2010.0 i586

 6268e6b188d0670265dbb90c0c5956d3  2010.0/i586/bzip2-1.0.5-6.1mdv2010.0.i586.rpm
 7b34af049f2266a982e9dc179f00cafe  2010.0/i586/libbzip2_1-1.0.5-6.1mdv2010.0.i586.rpm
 53773a2856399de8ce8c9317a673e153  2010.0/i586/libbzip2-devel-1.0.5-6.1mdv2010.0.i586.rpm 
 045fc708dce0b8c053499d4f60c5d665  2010.0/SRPMS/bzip2-1.0.5-6.1mdv2010.0.src.rpm

2009.1 i586

 b58bfd224d685bc933eefba5ff554726  2009.1/i586/bzip2-1.0.5-5.1mdv2009.1.i586.rpm
 0fe8becd5967d67a406cb2bc9432aa7b  2009.1/i586/libbzip2_1-1.0.5-5.1mdv2009.1.i586.rpm
 917c1ff311fd8e710bb050cf139031a2  2009.1/i586/libbzip2-devel-1.0.5-5.1mdv2009.1.i586.rpm 
 3fe179dd2193eaae17fbb6dd58ec1ba4  2009.1/SRPMS/bzip2-1.0.5-5.1mdv2009.1.src.rpm

2009.0 i586

 fd6db21c99977e5a63ffdaf2ea8508b2  2009.0/i586/bzip2-1.0.5-3.1mdv2009.0.i586.rpm
 a9e0deb0ef8c0f74357f5e1d035365e6  2009.0/i586/clamav-0.96.2-0.1mdv2009.0.i586.rpm
 59f24ea15e867d6da8ee312fa47adf6b  2009.0/i586/clamav-db-0.96.2-0.1mdv2009.0.i586.rpm
 c2ec68a64a6bf8424d1a3c50183f9249  2009.0/i586/clamav-milter-0.96.2-0.1mdv2009.0.i586.rpm
 d267e9c4e7c89a20feb90c71845db826  2009.0/i586/clamd-0.96.2-0.1mdv2009.0.i586.rpm
 398f6174cc4bce5b9003b88b8e521069  2009.0/i586/libbzip2_1-1.0.5-3.1mdv2009.0.i586.rpm
 9eb59f0435e387d5ee83320538def286  2009.0/i586/libbzip2-devel-1.0.5-3.1mdv2009.0.i586.rpm
 c2cb928173bf1d157798cbd2b4a7da0b  2009.0/i586/libclamav6-0.96.2-0.1mdv2009.0.i586.rpm
 61dc9e23e85f761e90012d887d92c87a  2009.0/i586/libclamav-devel-0.96.2-0.1mdv2009.0.i586.rpm 
 9ed76151adc2caca3fd032e6f79af616  2009.0/SRPMS/bzip2-1.0.5-3.1mdv2009.0.src.rpm
 dd04096ea413293b2750911ae595d92e  2009.0/SRPMS/clamav-0.96.2-0.1mdv2009.0.src.rpm

CS4.0 i586

 b1ba1ad1832a7ba096f8dd6059396d67  corporate/4.0/i586/bzip2-1.0.3-1.4.20060mlcs4.i586.rpm
 6b23f0c89189d36f5854a7bd8149e9f5  corporate/4.0/i586/clamav-0.96.2-0.1.20060mlcs4.i586.rpm
 3b5e8c8baccd90efef63ccfe653fcdfc  corporate/4.0/i586/clamav-db-0.96.2-0.1.20060mlcs4.i586.rpm
 07b13390e7515ea462c311f301b847c9  corporate/4.0/i586/clamav-milter-0.96.2-0.1.20060mlcs4.i586.rpm
 2612d120d120ee94eba39480485b4d6f  corporate/4.0/i586/clamd-0.96.2-0.1.20060mlcs4.i586.rpm
 78b75820cbbe61c35eace2da5988081f  corporate/4.0/i586/libbzip2_1-1.0.3-1.4.20060mlcs4.i586.rpm
 327772a179a7afe71964217b2ed50ef8  corporate/4.0/i586/libbzip2_1-devel-1.0.3-1.4.20060mlcs4.i586.rpm
 a4ba0718507ba3a62aab7f5286c20dd7  corporate/4.0/i586/libclamav6-0.96.2-0.1.20060mlcs4.i586.rpm
 361c8f3174f0768c7206145513e0dcc8  corporate/4.0/i586/libclamav-devel-0.96.2-0.1.20060mlcs4.i586.rpm 
 29309bbcf2bdc4794afb272999449f61  corporate/4.0/SRPMS/bzip2-1.0.3-1.4.20060mlcs4.src.rpm
 eedb0c69f489a0c59e791ab9729088a3  corporate/4.0/SRPMS/clamav-0.96.2-0.1.20060mlcs4.src.rpm

2008.0 x86_64

 318361945d90569a6492d5e91eee7ca8  2008.0/x86_64/bzip2-1.0.4-2.2mdv2008.0.x86_64.rpm
 35d8a1813410f7ee1283ce59f06898c5  2008.0/x86_64/clamav-0.96.2-0.1mdv2008.0.x86_64.rpm
 ef048ad00bbf398e18d627845661dcb9  2008.0/x86_64/clamav-db-0.96.2-0.1mdv2008.0.x86_64.rpm
 c054765a0bd19f8f0910927e9a57a8a1  2008.0/x86_64/clamav-milter-0.96.2-0.1mdv2008.0.x86_64.rpm
 18e20751418165c622475361c84a4d46  2008.0/x86_64/clamd-0.96.2-0.1mdv2008.0.x86_64.rpm
 daf0c53ef4d5da6412627570fb3723a6  2008.0/x86_64/lib64bzip2_1-1.0.4-2.2mdv2008.0.x86_64.rpm
 8c9efa494dae55b040b509d483741193  2008.0/x86_64/lib64bzip2_1-devel-1.0.4-2.2mdv2008.0.x86_64.rpm
 ee66da08a714d5bb45b17009ae34feb3  2008.0/x86_64/lib64clamav6-0.96.2-0.1mdv2008.0.x86_64.rpm
 baccbabbf2d697a10b415c941cb16bbc  2008.0/x86_64/lib64clamav-devel-0.96.2-0.1mdv2008.0.x86_64.rpm 
 3f520987cd857a35f7450c902b6099b5  2008.0/SRPMS/bzip2-1.0.4-2.2mdv2008.0.src.rpm
 08f4ef7e1a9a3a763e20fe53a53a10c7  2008.0/SRPMS/clamav-0.96.2-0.1mdv2008.0.src.rpm

CS4.0 x86_64

 46aa0947c3cf56328487c3db78a3af2a  corporate/4.0/x86_64/bzip2-1.0.3-1.4.20060mlcs4.x86_64.rpm
 a66339ac70941f997d275cccf20f3a36  corporate/4.0/x86_64/clamav-0.96.2-0.1.20060mlcs4.x86_64.rpm
 17b73e6a89b24fe9447e18ce99551dfe  corporate/4.0/x86_64/clamav-db-0.96.2-0.1.20060mlcs4.x86_64.rpm
 4ea0a0fe486dc946fa9c07568b940006  corporate/4.0/x86_64/clamav-milter-0.96.2-0.1.20060mlcs4.x86_64.rpm
 989fab470af0670fb3aeeef7f3ce4537  corporate/4.0/x86_64/clamd-0.96.2-0.1.20060mlcs4.x86_64.rpm
 c44b46cfbab7e8a473521bea6b9b9551  corporate/4.0/x86_64/lib64bzip2_1-1.0.3-1.4.20060mlcs4.x86_64.rpm
 fea82db6ffd3f58bbcea1bc4a64909dd  corporate/4.0/x86_64/lib64bzip2_1-devel-1.0.3-1.4.20060mlcs4.x86_64.rpm
 e9ad04d2b7aaf351cf126293cb63e6b5  corporate/4.0/x86_64/lib64clamav6-0.96.2-0.1.20060mlcs4.x86_64.rpm
 ab5026465e94a70a72ca1cefdc524874  corporate/4.0/x86_64/lib64clamav-devel-0.96.2-0.1.20060mlcs4.x86_64.rpm 
 29309bbcf2bdc4794afb272999449f61  corporate/4.0/SRPMS/bzip2-1.0.3-1.4.20060mlcs4.src.rpm
 eedb0c69f489a0c59e791ab9729088a3  corporate/4.0/SRPMS/clamav-0.96.2-0.1.20060mlcs4.src.rpm

2008.0 i586

 208f420c851e7a862cbc49048df3460d  2008.0/i586/bzip2-1.0.4-2.2mdv2008.0.i586.rpm
 d5c478b39b0a06aaad6b77558be03da6  2008.0/i586/clamav-0.96.2-0.1mdv2008.0.i586.rpm
 54201efe88ab1f5064b7efbbd7e65708  2008.0/i586/clamav-db-0.96.2-0.1mdv2008.0.i586.rpm
 042e719c811b237046c99a06d98e4607  2008.0/i586/clamav-milter-0.96.2-0.1mdv2008.0.i586.rpm
 4105a40a7442d1f93d43b9379eafdc58  2008.0/i586/clamd-0.96.2-0.1mdv2008.0.i586.rpm
 cbd8dbd04e5c2d64be079454df287f4c  2008.0/i586/libbzip2_1-1.0.4-2.2mdv2008.0.i586.rpm
 1303149fada878eef9e528118462e196  2008.0/i586/libbzip2_1-devel-1.0.4-2.2mdv2008.0.i586.rpm
 8951662548f5990e373bfab9ab270759  2008.0/i586/libclamav6-0.96.2-0.1mdv2008.0.i586.rpm
 42ebe0de39a03f4bd225514dca97cb8f  2008.0/i586/libclamav-devel-0.96.2-0.1mdv2008.0.i586.rpm 
 3f520987cd857a35f7450c902b6099b5  2008.0/SRPMS/bzip2-1.0.4-2.2mdv2008.0.src.rpm
 08f4ef7e1a9a3a763e20fe53a53a10c7  2008.0/SRPMS/clamav-0.96.2-0.1mdv2008.0.src.rpm

2009.1 x86_64

 016a47124cd079e2bf6e55d7c9088193  2009.1/x86_64/bzip2-1.0.5-5.1mdv2009.1.x86_64.rpm
 8f641d22a43c4aff4ccac848e379f881  2009.1/x86_64/lib64bzip2_1-1.0.5-5.1mdv2009.1.x86_64.rpm
 4e4df8103f61e92f5111c2437ec77e00  2009.1/x86_64/lib64bzip2-devel-1.0.5-5.1mdv2009.1.x86_64.rpm 
 3fe179dd2193eaae17fbb6dd58ec1ba4  2009.1/SRPMS/bzip2-1.0.5-5.1mdv2009.1.src.rpm

MES5 x86_64

 a9c39d551ae1dbec30029f099d3a2739  mes5/x86_64/bzip2-1.0.5-3.1mdvmes5.1.x86_64.rpm
 3edbf1083c02602aea55b24059e93b20  mes5/x86_64/clamav-0.96.2-0.1mdvmes5.1.x86_64.rpm
 adeadebc3810dd00bfe62923d03b647f  mes5/x86_64/clamav-db-0.96.2-0.1mdvmes5.1.x86_64.rpm
 93e04c4d98acdda846957314323d4d42  mes5/x86_64/clamav-milter-0.96.2-0.1mdvmes5.1.x86_64.rpm
 bcc29f7977da80e5f91bf1e40aec1c25  mes5/x86_64/clamd-0.96.2-0.1mdvmes5.1.x86_64.rpm
 aab9831f478c6d3dfd8c45cc646602fb  mes5/x86_64/lib64bzip2_1-1.0.5-3.1mdvmes5.1.x86_64.rpm
 47202cc8e93b191cc9c2fd49a7f17b84  mes5/x86_64/lib64bzip2-devel-1.0.5-3.1mdvmes5.1.x86_64.rpm
 06014379c24c7e4d9009252333c1c597  mes5/x86_64/lib64clamav6-0.96.2-0.1mdvmes5.1.x86_64.rpm
 e7d924b393cac661385cbb4b3c4068e2  mes5/x86_64/lib64clamav-devel-0.96.2-0.1mdvmes5.1.x86_64.rpm
 6e7a4164d865f1e5f4a4f45514fbe6d2  mes5/x86_64/perl-Compress-Bzip2-2.09-6.1mdvmes5.1.x86_64.rpm 
 3962dda9b4bfca75ce205e09da56daec  mes5/SRPMS/bzip2-1.0.5-3.1mdvmes5.1.src.rpm
 4c284198a38a800bde7d111ba7986750  mes5/SRPMS/clamav-0.96.2-0.1mdvmes5.1.src.rpm
 d48ef5d54841f35312a852f00b94dd04  mes5/SRPMS/perl-Compress-Bzip2-2.09-6.1mdvmes5.1.src.rpm

2010.1 x86_64

 714eed658a65f01629a9094cc601cbd2  2010.1/x86_64/bzip2-1.0.5-7.1mdv2010.1.x86_64.rpm
 7683e73aef5c9b6fa2b3a054ee8f456c  2010.1/x86_64/lib64bzip2_1-1.0.5-7.1mdv2010.1.x86_64.rpm
 c9c129fc2d1dad1b3b5b7c64baad3bbe  2010.1/x86_64/lib64bzip2-devel-1.0.5-7.1mdv2010.1.x86_64.rpm 
 693436a36b7d0c172b5cee2fb56a707c  2010.1/SRPMS/bzip2-1.0.5-7.1mdv2010.1.src.rpm

Referenzen