Overview

File _patchinfo of Package patchinfo.11006

<patchinfo incident="11006">
  <issue tracker="cve" id="2019-12900"/>
  <issue tracker="cve" id="2016-3189"/>
  <issue tracker="bnc" id="1139083">VUL-0: CVE-2019-12900: bzip2: BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.</issue>
  <issue tracker="bnc" id="985657">VUL-1: CVE-2016-3189: bzip2: heap use after free in bzip2recover</issue>
  <packager>kstreitova</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for bzip2</summary>
  <description>This update for bzip2 fixes the following issues:

Security issue fixed:

- CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors (bsc#1139083).
- CVE-2016-3189: Fixed a use-after-free in bzip2recover (bsc#985657).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places