FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-02-13 20:06:50 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
0ddb57a9-da20-4e99-b048-4366092f3d31	bzip2 -- integer overflow vulnerability Secunia reports: A vulnerability has been reported in bzip2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerability is caused due to an integer overflow in the "BZ2_decompress()" function in decompress.c and can be exploited to cause a crash or potentially execute arbitrary code. Discovery 2010-09-21 Entry 2010-10-25 bzip2 < 1.0.6 SA-10:08.bzip2 ports/151364 CVE-2010-0405 43331 http://www.openwall.com/lists/oss-security/2010/09/21/4 http://secunia.com/advisories/41452
4b6cb45d-881e-447a-a4e0-c97a954ea758	bzip2 -- multiple issues bzip2 developers reports: CVE-2016-3189 - Fix use-after-free in bzip2recover (Jakub Martisko) CVE-2019-12900 - Detect out-of-range nSelectors in corrupted files (Albert Astals Cid). Found through fuzzing karchive. Discovery 2019-06-23 Entry 2019-06-30 bzip2 < 1.0.7 https://gitlab.com/federicomenaquintero/bzip2/blob/master/NEWS https://bugzilla.redhat.com/show_bug.cgi?id=1319648 CVE-2016-3189 CVE-2019-12900

VuXML ID

Description

0ddb57a9-da20-4e99-b048-4366092f3d31

bzip2 -- integer overflow vulnerability

Secunia reports:

A vulnerability has been reported in bzip2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

The vulnerability is caused due to an integer overflow in the "BZ2_decompress()" function in decompress.c and can be exploited to cause a crash or potentially execute arbitrary code.

Discovery 2010-09-21
Entry 2010-10-25
bzip2

< 1.0.6

SA-10:08.bzip2
ports/151364
CVE-2010-0405
43331
http://www.openwall.com/lists/oss-security/2010/09/21/4
http://secunia.com/advisories/41452

4b6cb45d-881e-447a-a4e0-c97a954ea758

bzip2 -- multiple issues

bzip2 developers reports:

CVE-2016-3189 - Fix use-after-free in bzip2recover (Jakub Martisko)

CVE-2019-12900 - Detect out-of-range nSelectors in corrupted files (Albert Astals Cid). Found through fuzzing karchive.

Discovery 2019-06-23
Entry 2019-06-30
bzip2

< 1.0.7

https://gitlab.com/federicomenaquintero/bzip2/blob/master/NEWS
https://bugzilla.redhat.com/show_bug.cgi?id=1319648
CVE-2016-3189
CVE-2019-12900