Update Bzip2 from 1.0.6 to 1.0.7 #1163
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
From the [announcement][1]: > We are happy to announce the release of bzip2 1.0.7. > > This is an emergency release because the old bzip2 home > is gone and there were outstanding security issues. > The original bzip2 home, downloads and documentation > can now be found at: https://sourceware.org/bzip2/ > > bzip2 1.0.7 contains only the following bug/security fixes: > > * Fix undefined behavior in the macros SET_BH, CLEAR_BH, & ISSET_BH > * bzip2: Fix return value when combining --test,-t and -q. > * bzip2recover: Fix buffer overflow for large argv[0] > * bzip2recover: Fix use after free issue with outFile (CVE-2016-3189) > * Make sure nSelectors is not out of range (CVE-2019-12900) > > A future 1.1.x release is being prepared by Federico Mena Quintero > which will include more fixes, an updated build system and possibly > an updated SONAME default. > > Please read his blog for more background on this: > https://people.gnome.org/~federico/blog/tag/bzip2.html More details can be found in [2] and [3]. [1]: https://sourceware.org/ml/bzip2-devel/2019-q2/msg00022.html [2]: https://people.gnome.org/~federico/blog/preparing-the-bzip2-107-release.html [3]: https://gnu.wildebeest.org/blog/mjw/2019/06/27/bzip2-1-0-7/
Follow the Linux From Scratch book [instructions][1]. [1]: http://www.linuxfromscratch.org/lfs/view/development/chapter06/bzip2.html
pmenzel
force-pushed
the
update-bzip2-from-1.0.6-to-1.0.7
branch
from
2194cf4
to
5b62bd7
Compare
Sign in
to join this conversation on GitHub.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Tested on rabammel.