OpenPKG Security Advisory
OpenPKG-SA-2005.008
Publisher Name: OpenPKG GmbH Publisher Home: http://openpkg.com/ Advisory Id (public): OpenPKG-SA-2005.008 Advisory Type: OpenPKG Security Advisory (SA) Advisory Directory: http://openpkg.com/go/OpenPKG-SA Advisory Document: http://openpkg.com/go/OpenPKG-SA-2005.008 Advisory Published: 2008-07-25 12:29 UTC Issue Id (internal): OpenPKG-SI-20050610.02 Issue First Created: 2005-06-10 Issue Last Modified: 2006-11-28 Issue Revision: 06
Subject Name: bzip2 Subject Summary: De-/Compression with BZIP2 Algorithm Subject Home: http://www.bzip.org/ Subject Versions: * <= 1.0.2 Vulnerability Id: CVE-2005-0953, CVE-2005-1260 Vulnerability Scope: global (not OpenPKG specific) Attack Feasibility: run-time Attack Vector: local system Attack Impact: denial of service, manipulation of data Description: According to a BugTraq posting [0], Imran Ghory discovered a time of check time of use (TOCTOU) file mode vulnerability in the BZip2 data compressor [1]. Because bzip2(1) does not safely restore the mode of a file undergoing compression or decompression, a malicious user can potentially change the mode of any file belonging to the user running bzip2(1). CVE-2005-0953 In a unrelated case, a denial of service vulnerability was found in both the bzip2(1) program and its associated library libbz2(3). Specially crafted BZip2 archives lead to an infinite loop in the decompressor which results in an indefinitively large output file. This could be exploited to cause disk space exhaustion. CVE-2005-1260 Because the OpenPKG bootstrap package embeds BZip2, it is affected as well. Please refer to OpenPKG-SA-2005.010-openpkg for details [4]. References: [0] http://marc.theaimsgroup.com/?l=bugtraq&m=111229375217633 [1] http://www.bzip.org/ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0953 [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1260 [4] http://www.openpkg.org/security/OpenPKG-SA-2005.010-openpkg.html [5] http://www.openpkg.org/tutorial.html#regular-source [6] http://www.openpkg.org/tutorial.html#regular-binary [7] ftp://ftp.openpkg.org/release/2.3/UPD/bzip2-1.0.2-2.3.1.src.rpm [8] ftp://ftp.openpkg.org/release/2.2/UPD/bzip2-1.0.2-2.2.1.src.rpm [9] ftp://ftp.openpkg.org/release/2.3/UPD/ [10] ftp://ftp.openpkg.org/release/2.2/UPD/ [11] http://www.openpkg.org/security.html#signature
Primary Package Name: bzip2 Primary Package Home: http://openpkg.org/go/package/bzip2 Affected Distribution: Affected Branch: Affected Package: OpenPKG Community 2.2-SOLID bzip2-1.0.2-2.2.0 OpenPKG Community 2.3-SOLID analog-6.0-2.3.0 OpenPKG Community 2.3-SOLID bzip2-1.0.2-2.3.0 OpenPKG Community CURRENT analog-6.0-20041220 OpenPKG Community CURRENT bzip2-1.0.2-20050324 Corrected Distribution: Corrected Branch: Corrected Package: OpenPKG Community 2.2-SOLID bzip2-1.0.2-2.2.1 OpenPKG Community 2.3-SOLID analog-6.0-2.3.1 OpenPKG Community 2.3-SOLID bzip2-1.0.2-2.3.1 OpenPKG Community CURRENT analog-6.0-20050608 OpenPKG Community CURRENT bzip2-1.0.3-20050506
