Alternative nSelectors patch (Was: bzip2 1.0.7 released)
Mark Wielaard
mark@klomp.org
Tue Jan 1 00:00:00 GMT 2019
Hi,
> Attached is the patch with a commit message that hopefully explains why
> the change is correct (and why the CVE, although a source code bug,
> wasn't really exploitable in the first place). Hope it makes sense.
So the https://sourceware.org/git/bzip2-tests.git was integrated into
the buildbot and it turned RED. As expected, since without this fix it
fails with:
- ./lbzip2/32767.bz2 bad decompress result
So I have now pushed the patch and hopefully that turns the buildbot
green: https://builder.wildebeest.org/buildbot/#/builders?tags=bzip2
Cheers,
Mark
More information about the Bzip2-devel
mailing list