oss-sec mailing list archives

Re: CVE request: bzip2 CERT-FI: 20469


From: Josh Bressers <bressers () redhat com>
Date: Tue, 18 Mar 2008 10:46:00 -0400


Hey,

CERT-FI: 20469 [1] was released yesterday, and with it a new bzip2
release, quoting their CHANGES:

1.0.5 (10 Dec 07)
~~~~~~~~~~~~~~~~~
Security fix only.  Fixes CERT-FI 20469 as it applies to bzip2.


Reading the patch [2], it's missing a boundary check that can lead to an
over-read on the tt/ll heap-buffer. I'd call this a DoS, did anyone
else review?


I'm running version 1.0.4 through the bzip2 files now (it takes a long time
to run, there are a lot of files).  If I find the reproducer, I'll let you
know.

I saw no crashes when I ran the CERT-FI suite over bzip2 versions 1.0.1,
1.0.2, and 1.0.3.

-- 
    JB

