Back to bug 1319648
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Andrej Nemec | 2016-03-21 09:17:22 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-03-21 09:17:22 UTC | Doc Type | --- | Bug Fix |
| Andrej Nemec | 2016-03-21 09:32:32 UTC | Blocks | 1319653 | |
| Andrej Nemec | 2016-04-05 07:12:06 UTC | CC | jamartis | |
| Cedric Buissart | 2016-06-14 15:06:15 UTC | Doc Text | A use-after-free flaw was found in bzip2recover, leading to a null pointer dereference, or a write to a closed file descriptor. An attacker could use this flaw by sending a specially crafted bzip2 file to recover and force the program to crash. | |
| Cedric Buissart | 2016-06-16 14:38:47 UTC | CC | cbuissar | |
| Cedric Buissart | 2016-06-20 10:47:57 UTC | Attachment #1169843 Attachment is private | 1 | 0 |
| Cedric Buissart | 2016-06-20 10:48:13 UTC | Comment 4 is private | 1 | 0 |
| Cedric Buissart | 2016-06-20 10:57:03 UTC | Whiteboard | impact=moderate,public=no,reported=20160316,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-416,fedora-all/bzip2=affected,fedora-all/mingw-bzip2=affected,epel-7/mingw-bzip2=affected,rhel-5/bzip2=affected,rhel-6/bzip2=affected,rhel-7/bzip2=affected | impact=moderate,public=20160620,reported=20160316,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-416,fedora-all/bzip2=affected,fedora-all/mingw-bzip2=affected,epel-7/mingw-bzip2=affected,rhel-5/bzip2=affected,rhel-6/bzip2=affected,rhel-7/bzip2=affected |
| Cedric Buissart | 2016-06-20 10:57:06 UTC | Summary | EMBARGOED CVE-2016-3189 bzip2: heap use after free in bzip2recover | CVE-2016-3189 bzip2: heap use after free in bzip2recover |
| Cedric Buissart | 2016-06-20 10:57:09 UTC | Group | security, qe_staff | |
| Cedric Buissart | 2016-06-20 10:57:23 UTC | Depends On | 1348179 | |
| Cedric Buissart | 2016-06-20 10:57:30 UTC | Depends On | 1348180 | |
| Cedric Buissart | 2016-06-20 10:57:39 UTC | Depends On | 1348181 | |
| Cedric Buissart | 2016-06-20 12:34:52 UTC | Whiteboard | impact=moderate,public=20160620,reported=20160316,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-416,fedora-all/bzip2=affected,fedora-all/mingw-bzip2=affected,epel-7/mingw-bzip2=affected,rhel-5/bzip2=affected,rhel-6/bzip2=affected,rhel-7/bzip2=affected | impact=moderate,public=20160620,reported=20160316,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-416,fedora-all/bzip2=affected,fedora-all/mingw-bzip2=affected,epel-7/mingw-bzip2=affected,rhel-5/bzip2=wontfix,rhel-6/bzip2=wontfix,rhel-7/bzip2=wontfix |
| Cedric Buissart | 2016-06-20 12:55:12 UTC | Whiteboard | impact=moderate,public=20160620,reported=20160316,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-416,fedora-all/bzip2=affected,fedora-all/mingw-bzip2=affected,epel-7/mingw-bzip2=affected,rhel-5/bzip2=wontfix,rhel-6/bzip2=wontfix,rhel-7/bzip2=wontfix | impact=low,public=20160620,reported=20160316,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-416,fedora-all/bzip2=affected,fedora-all/mingw-bzip2=affected,epel-7/mingw-bzip2=affected,rhel-5/bzip2=wontfix,rhel-6/bzip2=wontfix,rhel-7/bzip2=wontfix |
| Cedric Buissart | 2016-06-20 12:55:17 UTC | Severity | medium | low |
| Cedric Buissart | 2016-06-20 12:55:23 UTC | Priority | medium | low |
| Cedric Buissart | 2016-06-20 12:56:55 UTC | Status | NEW | CLOSED |
| Resolution | --- | WONTFIX | ||
| Last Closed | 2016-06-20 08:56:55 UTC | |||
| Norman Sardella | 2016-06-20 20:00:31 UTC | CC | sardella | |
| Slawomir Czarko | 2016-07-01 10:25:10 UTC | CC | slawomir | |
| Henri Salo | 2016-07-03 09:18:54 UTC | CC | henri | |
| Product Security DevOps Team | 2019-09-29 13:45:56 UTC | Whiteboard | impact=low,public=20160620,reported=20160316,source=researcher,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P,cwe=CWE-416,fedora-all/bzip2=affected,fedora-all/mingw-bzip2=affected,epel-7/mingw-bzip2=affected,rhel-5/bzip2=wontfix,rhel-6/bzip2=wontfix,rhel-7/bzip2=wontfix |
Back to bug 1319648