LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: December 12th, 2014
Linux Security Week: December 9th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Slackware: 2010-263-01: bzip2: Security Update Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Slackware New bzip2 packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. [More Info...]
[slackware-security]  bzip2 (SSA:2010-263-01)

New bzip2 packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,
11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue.


Here are the details from the Slackware 13.1 ChangeLog:
+--------------------------+
patches/packages/bzip2-1.0.6-i486-1_slack13.1.txz:  Upgraded.
  This update fixes an integer overflow that could allow a specially
  crafted bzip2 archive to cause a crash (denial of service), or execute
  arbitrary code.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0405
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

HINT:  Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try.  This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/bzip2-1.0.6-i386-1_slack8.1.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bzip2-1.0.6-i386-1_slack9.0.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/bzip2-1.0.6-i486-1_slack9.1.tgz

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/bzip2-1.0.6-i486-1_slack10.0.tgz

Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/bzip2-1.0.6-i486-1_slack10.1.tgz

Updated package for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/bzip2-1.0.6-i486-1_slack10.2.tgz

Updated package for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/bzip2-1.0.6-i486-1_slack11.0.tgz

Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/bzip2-1.0.6-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bzip2-1.0.6-i486-1_slack12.1.tgz

Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bzip2-1.0.6-i486-1_slack12.2.tgz

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bzip2-1.0.6-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bzip2-1.0.6-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bzip2-1.0.6-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bzip2-1.0.6-x86_64-1_slack13.1.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/bzip2-1.0.6-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/bzip2-1.0.6-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 8.1 package:
84d60e216444b84ba78b486eb9ccbb91  bzip2-1.0.6-i386-1_slack8.1.tgz

Slackware 9.0 package:
dd0d41fe91e6c8ed873a0b44d391a7e2  bzip2-1.0.6-i386-1_slack9.0.tgz

Slackware 9.1 package:
ec9160719f70fea630aaa3be34ddc90f  bzip2-1.0.6-i486-1_slack9.1.tgz

Slackware 10.0 package:
6610390be424aad23a38c789fff638aa  bzip2-1.0.6-i486-1_slack10.0.tgz

Slackware 10.1 package:
1ebe7fba45881b0dd54a0f2de9ba610a  bzip2-1.0.6-i486-1_slack10.1.tgz

Slackware 10.2 package:
c597ec46fd081149fd3f20c41aa7382a  bzip2-1.0.6-i486-1_slack10.2.tgz

Slackware 11.0 package:
b5893328637bbe3a98689b4e7d75cb9e  bzip2-1.0.6-i486-1_slack11.0.tgz

Slackware 12.0 package:
9a2870408f58f21f68ef011d5cf0af88  bzip2-1.0.6-i486-1_slack12.0.tgz

Slackware 12.1 package:
11e076f0aa81e82d8a5a23e6d99951b8  bzip2-1.0.6-i486-1_slack12.1.tgz

Slackware 12.2 package:
5722d4beb85b251eb3655c71095f557f  bzip2-1.0.6-i486-1_slack12.2.tgz

Slackware 13.0 package:
ecfc67bb19dc3c8c884b5f6e72d825e0  bzip2-1.0.6-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
d5cc1615ee345330700990410341e176  bzip2-1.0.6-x86_64-1_slack13.0.txz

Slackware 13.1 package:
5dd167fb79967beb5ea555ca3c5dca85  bzip2-1.0.6-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
7a7b3c58cc002211fac5b3baf90d761e  bzip2-1.0.6-x86_64-1_slack13.1.txz

Slackware -current package:
68d1359ea350dd2d0b501f9c6e11c8a6  a/bzip2-1.0.6-i486-1.txz

Slackware x86_64 -current package:
46f4b8736e811c7d5274a3ceda03af5b  a/bzip2-1.0.6-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg bzip2-1.0.6-i486-1_slack13.1.txz

Then, restart any services that use libbz2.


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
University of California, Berkeley Hacked, Data Compromised
London teen pleads guilty to Spamhaus DDoS
New England security group shares threat intelligence, strives to bolster region
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.