[OmniOS-discuss] ANNOUNCEMENT: Security Update bzip2 Vulnerability
Tobias Oetiker
tobi at oetiker.ch
Mon Aug 21 13:42:37 UTC 2017
OmniOS Community Edition has updated the bzip2 Package for r151022 and bloody to fix CVE-2016-3189
A remote user can create a specially crafted bzip2 file that, when processed for recovery by the target application, will trigger a use-after-free memory error in bzip2recover and cause the target application to crash.
This release does NOT require a reboot.
--
Tobi Oetiker, OETIKER+PARTNER AG, Aarweg 15 CH-4600 Olten, Switzerland
www.oetiker.ch tobi at oetiker.ch +41 62 775 9902
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omniosce.org/ml-archive/attachments/20170821/19846499/attachment.html>
More information about the OmniOS-discuss
mailing list