[CLSA-2026:1776956583] bzip2: Fix of 2 CVEs
Type:
security
Severity:
Critical
Release date:
2026-04-25 08:42:48 UTC
Description:
- CVE-2019-12900: fix out-of-bounds write in BZ2_decompress when many selectors are present - CVE-2016-3189: fix use-after-free in bzip2recover
Updated packages:
  • bzip2-1.0.6-13.el7.tuxcare.els1.x86_64.rpm
    sha:605b0fe5a6bac8886e07004e7caf2910b7fdc6891568b1eb15f8ffb3188efcd8
  • bzip2-devel-1.0.6-13.el7.tuxcare.els1.i686.rpm
    sha:b8b22a9421b99b938a225b41352a6b5786dd90adb7acae2bfffdb7e53d26d3e7
  • bzip2-devel-1.0.6-13.el7.tuxcare.els1.x86_64.rpm
    sha:19bb17d26026d706106ec8813c70477837586f267c21df354b16efd23b076e0f
  • bzip2-libs-1.0.6-13.el7.tuxcare.els1.i686.rpm
    sha:f0fa283ccd9eb9d2b9b04d3ff6c2a9087926d98fdeed95c4e5d9a50fca9f8c72
  • bzip2-libs-1.0.6-13.el7.tuxcare.els1.x86_64.rpm
    sha:5cb3ddc8548fbb441106c793d2b615168c4e9ecba90c399e687323ba85e8af54
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.