USN-127-1: bzip2 vulnerabilities
Posted on: 05/17/2005 08:05 AM

bzip2 security updates are available for Ubuntu Linux 4.10 and 5.04

==========================================================
Ubuntu Security Notice USN-127-1 May 17, 2005
bzip2 vulnerabilities
CAN-2005-0953, CAN-2005-1260
==========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

bzip2
libbz2-1.0

The problem can be corrected by upgrading the affected package to version 1.0.2-1ubuntu0.1 (for Ubuntu 4.10), or 1.0.2-2ubuntu0.1 (for Ubuntu 5.04). In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

Imran Ghory discovered a race condition in the file permission restore code of bunzip2. After writing the decompressed output, bunzip2 copied the permission bits of the compressed input onto the output file by path name. While a user was decompressing a file, a local attacker with write permission on the directory of that file could replace the output file with a hard link to another file owned by that user; bzip2 then applied the permissions to the hard link target instead of to its own output file. With a suitably permissive .bz2 as input, this could be exploited to gain read or even write access to files of other users. (CAN-2005-0953)
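The following is an added example, not code from the advisory or from bzip2 itself. It reproduces the bug class behind CAN-2005-0953 in isolation: restoring saved permission bits by path name after the output has been written, versus restoring them through the descriptor that created the output file. The temp-directory layout, the 0600/0666 modes and the function names are assumptions made for the demonstration.

```c
/* Added example; not code from the advisory or from bzip2 itself.
 * Shows the bug class behind CAN-2005-0953 in isolation: restoring the
 * saved permission bits by *path name* after the output has been written
 * lets a local user with write access to the directory swap the output
 * name for a hard link, so the chmod lands on the link target. Restoring
 * through the descriptor that created the output file (fchmod) closes the
 * window. Paths, modes and function names are assumptions for the demo. */
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create `path` with exactly `mode` (fchmod defeats the umask). */
static int make_file(const char *path, mode_t mode) {
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, mode);
    if (fd < 0) return -1;
    if (fchmod(fd, mode) < 0 || write(fd, "x", 1) != 1) { close(fd); return -1; }
    return close(fd);
}

/* The attacker's move during the race window: replace the output name
 * with a hard link to `victim`. Needs write access to the directory only. */
static int attacker_swap(const char *out, const char *victim) {
    if (unlink(out) < 0) return -1;
    return link(victim, out);
}

/* Vulnerable pattern: the mode is applied to whatever `out` names now. */
static int restore_by_path(const char *out, mode_t saved_mode) {
    return chmod(out, saved_mode);
}

/* Hardened pattern: the mode is applied to the inode behind the open
 * descriptor, which a later unlink/link of the name cannot redirect. */
static int restore_by_fd(int fd, mode_t saved_mode) {
    return fchmod(fd, saved_mode);
}

static mode_t perm_bits(const char *path) {
    struct stat st;
    return stat(path, &st) < 0 ? (mode_t)-1 : (st.st_mode & 0777);
}

/* Play the scenario in a fresh temp directory. The victim file starts
 * 0600; the "saved" mode being restored is 0666, as if the attacker had
 * supplied a world-writable .bz2. Returns the victim's permission bits
 * afterwards, or (mode_t)-1 on setup failure. */
mode_t run_scenario(int use_fd) {
    char dir[] = "/tmp/bz2race-XXXXXX";
    char out[256], victim[256];
    mode_t result = (mode_t)-1;
    int fd = -1;

    if (!mkdtemp(dir)) return result;
    snprintf(out, sizeof out, "%s/out", dir);
    snprintf(victim, sizeof victim, "%s/victim", dir);
    if (make_file(victim, 0600) < 0) goto cleanup;

    /* The decompressor creates and fills the output file ... */
    fd = open(out, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) goto cleanup;
    if (write(fd, "data", 4) != 4) goto cleanup;
    /* ... and here, before it restores permissions, the attacker strikes. */
    if (attacker_swap(out, victim) < 0) goto cleanup;

    if (use_fd) restore_by_fd(fd, 0666);
    else        restore_by_path(out, 0666);
    result = perm_bits(victim);
cleanup:
    if (fd >= 0) close(fd);
    unlink(out); unlink(victim); rmdir(dir);
    return result;
}

int main(void) {
    printf("restore by path: victim is now %04o\n", (unsigned)run_scenario(0)); /* 0666 */
    printf("restore by fd:   victim is now %04o\n", (unsigned)run_scenario(1)); /* 0600 */
    return 0;
}
```

The by-path variant leaves the victim file world-readable and world-writable; the by-descriptor variant leaves it untouched, because the descriptor is bound to the inode the decompressor actually wrote, not to a name the attacker controls. Applying mode and ownership through the open descriptor (fchmod/fchown) is the standard remedy for this class of time-of-check/time-of-use bug and is the approach taken by later bzip2 releases.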

Specially crafted bzip2 archives caused an infinite loop in the decompressor, producing an indefinitely large output file ("decompression bomb"). This could be exploited for a denial of service through disk space exhaustion on systems that automatically process user-supplied bzip2 compressed files. (CAN-2005-1260)
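The following is an added example, not code from the advisory or from bzip2. It shows how a system that automatically decompresses user-supplied archives can contain a decompression bomb of this kind independently of the bzip2 version: the decompressor is run as a child with an RLIMIT_FSIZE cap, so the kernel refuses any write past the cap (EFBIG) and delivers SIGXFSZ, and disk space cannot be exhausted. The shell loop used as the "bomb" and the output paths are stand-ins assumed for the demonstration; in a real pipeline the command would be the decompressor itself (for example bunzip2 -c on the untrusted file).

```c
/* Added example, not from the advisory or from bzip2. Runs an untrusted
 * decompression step under an output-size cap (RLIMIT_FSIZE) so that a
 * decompression bomb such as CAN-2005-1260 cannot fill the disk. The
 * shell command is a stand-in for the real decompressor invocation. */
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

struct capped_result {
    long long bytes_written;   /* size of the output file afterwards */
    int hit_cap;               /* 1 if the child was stopped by the cap */
};

/* Run `cmd` via /bin/sh with stdout redirected to `outpath`, allowing at
 * most `cap` bytes of output. bytes_written is -1 on setup failure. */
struct capped_result run_with_output_cap(const char *cmd, const char *outpath, rlim_t cap) {
    struct capped_result r = { -1, 0 };
    int out = open(outpath, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (out < 0) return r;
    pid_t pid = fork();
    if (pid < 0) { close(out); return r; }
    if (pid == 0) {
        /* Child only: the limit is inherited across exec, so the
         * decompressor cannot write more than `cap` bytes to any file. */
        struct rlimit rl = { cap, cap };
        if (setrlimit(RLIMIT_FSIZE, &rl) < 0) _exit(127);
        if (dup2(out, STDOUT_FILENO) < 0) _exit(127);
        close(out);
        execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
        _exit(127);
    }
    close(out);
    int status;
    if (waitpid(pid, &status, 0) < 0) return r;
    struct stat st;
    if (stat(outpath, &st) < 0) return r;
    r.bytes_written = (long long)st.st_size;
    /* The default SIGXFSZ action kills the writer; a program that ignores
     * SIGXFSZ instead sees EFBIG and normally exits non-zero. Either way
     * the cap was hit and the output must be treated as untrusted. */
    r.hit_cap = (WIFSIGNALED(status) && WTERMSIG(status) == SIGXFSZ)
             || (WIFEXITED(status) && WEXITSTATUS(status) != 0);
    return r;
}

int main(void) {
    /* Constructed stand-in for a bomb: writes forever until the cap. */
    struct capped_result r = run_with_output_cap(
        "while :; do echo bomb; done", "/tmp/capped-output", 1 << 16);
    printf("wrote %lld bytes, cap hit: %d\n", r.bytes_written, r.hit_cap);
    unlink("/tmp/capped-output");
    return 0;
}
```

A disk quota or a dedicated filesystem for the extraction directory gives the same guarantee at a coarser granularity; the point is that the bound is enforced by the kernel, not by the decompressor whose input the attacker controls.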

Updated packages for Ubuntu 4.10 (Warty Warthog):

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-1ubuntu0.1.diff.gz
Size/MD5: 11463 f41f690ff6fbab41b51f4bc74a94ccec
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-1ubuntu0.1.dsc
Size/MD5: 582 35cc8d1071721389a1f15ca23c0b423f
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2.orig.tar.gz
Size/MD5: 665198 ee76864958d568677f03db8afad92beb

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-1ubuntu0.1_amd64.deb
Size/MD5: 231626 c1d7730fffe239921b5029bbcae76aac
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-1.0_1.0.2-1ubuntu0.1_amd64.deb
Size/MD5: 36272 d4a9299e4b06726dc88a513ffd8ec55d
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-dev_1.0.2-1ubuntu0.1_amd64.deb
Size/MD5: 29898 4386a71c42656cf99b33baeb99e79b4c

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-1ubuntu0.1_i386.deb
Size/MD5: 228992 8bd1ee063e22d07353a45781f2e66ce3
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-1.0_1.0.2-1ubuntu0.1_i386.deb
Size/MD5: 37162 a09cbb601c062ed1c98a62aa6b174e27
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-dev_1.0.2-1ubuntu0.1_i386.deb
Size/MD5: 29260 8eeeebcecb057b94a1174a809d0d6038

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-1ubuntu0.1_powerpc.deb
Size/MD5: 232182 0554e36432c93a0c3c1d92382ac79a6c
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-1.0_1.0.2-1ubuntu0.1_powerpc.deb
Size/MD5: 41406 6e44800b5f55a65e100024c9f4b60d81
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-dev_1.0.2-1ubuntu0.1_powerpc.deb
Size/MD5: 33602 6127c224707e15755237526b62cc1264

Updated packages for Ubuntu 5.04 (Hoary Hedgehog):

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-2ubuntu0.1.diff.gz
Size/MD5: 11648 ffa0f303e1b1138672df8af3ed61a36d
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-2ubuntu0.1.dsc
Size/MD5: 605 038fc61ae3c6a5f1ca3e4b36db33f9b0
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2.orig.tar.gz
Size/MD5: 665198 ee76864958d568677f03db8afad92beb

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-2ubuntu0.1_amd64.deb
Size/MD5: 231960 70e59024cfde7094249c8db0d7762c50
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-1.0_1.0.2-2ubuntu0.1_amd64.deb
Size/MD5: 36822 462dadc1b8dff11c045a45b295c2ca21
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-dev_1.0.2-2ubuntu0.1_amd64.deb
Size/MD5: 30270 026c8e240a2e0fcea47d532c209af032

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-2ubuntu0.1_i386.deb
Size/MD5: 229180 a05a675282214a1c944eb6c90e0cc717
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-1.0_1.0.2-2ubuntu0.1_i386.deb
Size/MD5: 37688 28d2f72a15e8d664aa8b2cb60fc58ca1
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-dev_1.0.2-2ubuntu0.1_i386.deb
Size/MD5: 29626 e42f8c47d203c668549c08d02faebe45

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/bzip2_1.0.2-2ubuntu0.1_powerpc.deb
Size/MD5: 232506 30a2fa79bd53c66c6678dd4d581bc0a6
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-1.0_1.0.2-2ubuntu0.1_powerpc.deb
Size/MD5: 41972 90061fab66d20ccd3358988d8eda230f
http://security.ubuntu.com/ubuntu/pool/main/b/bzip2/libbz2-dev_1.0.2-2ubuntu0.1_powerpc.deb
Size/MD5: 33968 4e8568f2f05a32a84268e5bc088185ef


Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_127_1_bzip2_vulnerabilities.html)