A bzip2 security update has been released for Debian GNU/Linux 9 Extended LTS to address a vulnerability.
ELA-855-1 bzip2 security update
Package : bzip2
ELA-855-1 bzip2 security update
Version : 1.0.6-8.1+deb9u1 (stretch)
Related CVEs :
CVE-2019-12900
A vulnerability has been fixed in bzip2, a high-quality block-sorting file
compressor. CVE-2019-12900 is a out-of-bounds write when using a crafted
compressed file.
This vulnerability was fixed in Debian Jessie, with bzip2 version
1.0.6-4+deb7u1
