-
bzip2 (1.0.6-8ubuntu0.2) xenial-security; urgency=medium
* SECURITY REGRESSION: bzip2 update for CVE-2019-12900 causes some files raises
incorrect CRC error. (LP: #1834494)
- debian/patches/Accept-as-many-selectors-as-selectors*.patch
-- <email address hidden> (Leonidas S. Barbosa) Thu, 04 Jul 2019 09:27:38 -0300
-
bzip2 (1.0.6-8ubuntu0.1) xenial-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2016-3189.patch: add
a outFile NULL in order to fix a potential user-after-free
in bzip2/recover.c.
- CVE-2016-3189
* SECURITY UPDATE: out-of-bounds write
- debian/patches/CVE-2019-12900.patch: make sure
nSelectors is not out of range in decompress.c.
- CVE-2019-12900
-- <email address hidden> (Leonidas S. Barbosa) Mon, 24 Jun 2019 15:32:01 -0300
-
bzip2 (1.0.6-8) unstable; urgency=medium
* Remove Jorge Ernesto Guevara Cuenca from Uploaders, as agreed with him.
* Drop unused Build-Depends: gcc-multilib. Thanks to Helmut Grohne
<email address hidden>. Closes: #778640
* Bump Standards-Version to 3.9.6. No changes needed.
-- Santiago Ruano Rincón <email address hidden> Tue, 19 May 2015 21:37:20 +0200