CVE-2019-12900

BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
Affected Products (NVD)
VendorProductVersion
bzipbzip2
𝑥
≤ 1.0.6
debiandebian_linux
8.0
opensuseleap
15.0
opensuseleap
15.1
canonicalubuntu_linux
12.04
canonicalubuntu_linux
14.04
canonicalubuntu_linux
16.04
canonicalubuntu_linux
18.04
canonicalubuntu_linux
19.04
freebsdfreebsd
11.2
freebsdfreebsd
11.2:p10
freebsdfreebsd
11.2:p11
freebsdfreebsd
11.2:p12
freebsdfreebsd
11.2:p2
freebsdfreebsd
11.2:p3
freebsdfreebsd
11.2:p4
freebsdfreebsd
11.2:p5
freebsdfreebsd
11.2:p6
freebsdfreebsd
11.2:p7
freebsdfreebsd
11.2:p8
freebsdfreebsd
11.2:p9
freebsdfreebsd
11.2:rc3
freebsdfreebsd
11.3
freebsdfreebsd
11.3:p1
freebsdfreebsd
12.0
freebsdfreebsd
12.0:p1
freebsdfreebsd
12.0:p2
freebsdfreebsd
12.0:p3
freebsdfreebsd
12.0:p4
freebsdfreebsd
12.0:p5
freebsdfreebsd
12.0:p6
freebsdfreebsd
12.0:p7
freebsdfreebsd
12.0:p8
pythonpython
3.7.0 ≤
𝑥
< 3.7.13
pythonpython
3.8.0 ≤
𝑥
< 3.8.13
pythonpython
3.9.0 ≤
𝑥
< 3.9.11
pythonpython
3.10.0 ≤
𝑥
< 3.10.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
bzip2
bookworm
1.0.8-5
fixed
bullseye
1.0.8-4
fixed
sid
1.0.8-6
fixed
stretch
no-dsa
trixie
1.0.8-6
fixed
clamav
bookworm
1.0.5+dfsg-1~deb12u1
fixed
bullseye
0.103.10+dfsg-0+deb11u1
fixed
sid
1.4.1+dfsg-1
fixed
stretch
no-dsa
trixie
1.4.1+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
bzip2
bionic
Fixed 1.0.6-8.1ubuntu0.2
released
cosmic
Fixed 1.0.6-9ubuntu0.18.10.1
released
disco
Fixed 1.0.6-9ubuntu0.19.04.1
released
trusty
Fixed 1.0.6-5ubuntu0.1~esm2
released
xenial
Fixed 1.0.6-8ubuntu0.2
released
clamav
bionic
Fixed 0.101.4+dfsg-0ubuntu0.18.04.1
released
disco
Fixed 0.101.4+dfsg-0ubuntu0.19.04.1
released
trusty
Fixed 0.101.4+dfsg-0ubuntu0.14.04.1+esm1
released
xenial
Fixed 0.101.4+dfsg-0ubuntu0.16.04.1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
bzip2
suse enterprise desktop 15
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP1
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP2
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP3
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP4
1.0.8-150400.1.122
fixed
suse enterprise desktop 15 SP5
1.0.8-150400.1.122
fixed
suse enterprise desktop 15 SP6
1.0.8-150400.1.122
fixed
suse enterprise desktop 15 SP7
1.0.8-150400.1.122
fixed
suse enterprise sap 12 SP2
1.0.6-30.8.1
fixed
suse enterprise sap 12 SP3
1.0.6-30.8.1
fixed
suse enterprise sap 12 SP5
1.0.6-30.8.1
fixed
suse enterprise sap 15
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP1
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP2
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP3
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP4
1.0.8-150400.1.122
fixed
suse enterprise sap 15 SP5
1.0.8-150400.1.122
fixed
suse enterprise sap 15 SP6
1.0.8-150400.1.122
fixed
suse enterprise sap 15 SP7
1.0.8-150400.1.122
fixed
suse enterprise server 12 SP1
1.0.6-30.8.1
fixed
suse enterprise server 12 SP2
1.0.6-30.8.1
fixed
suse enterprise server 12 SP3
1.0.6-30.8.1
fixed
suse enterprise server 12 SP5
1.0.6-30.8.1
fixed
suse enterprise server 15
1.0.6-5.9.1
fixed
suse enterprise server 15 SP1
1.0.6-5.9.1
fixed
suse enterprise server 15 SP2
1.0.6-5.9.1
fixed
suse enterprise server 15 SP3
1.0.6-5.9.1
fixed
suse enterprise server 15 SP4
1.0.8-150400.1.122
fixed
suse enterprise server 15 SP5
1.0.8-150400.1.122
fixed
suse enterprise server 15 SP6
1.0.8-150400.1.122
fixed
suse enterprise server 15 SP7
1.0.8-150400.1.122
fixed
bzip2-doc
suse enterprise sap 12 SP2
1.0.6-30.8.1
fixed
suse enterprise sap 12 SP3
1.0.6-30.8.1
fixed
suse enterprise sap 12 SP5
1.0.6-30.8.1
fixed
suse enterprise server 12 SP1
1.0.6-30.8.1
fixed
suse enterprise server 12 SP2
1.0.6-30.8.1
fixed
suse enterprise server 12 SP3
1.0.6-30.8.1
fixed
suse enterprise server 12 SP5
1.0.6-30.8.1
fixed
clamav
suse enterprise desktop 15
0.100.3-3.14.1
fixed
suse enterprise desktop 15 SP1
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP2
0.100.3-3.14.1
fixed
suse enterprise desktop 15 SP3
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP4
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP5
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP6
0.103.11-150600.16.7
fixed
suse enterprise desktop 15 SP7
1.4.2-150600.18.9.3
fixed
suse enterprise sap 12 SP2
0.103.0-33.32.1
fixed
suse enterprise sap 12 SP3
0.103.0-33.32.1
fixed
suse enterprise sap 12 SP5
0.103.0-3.3.1
fixed
suse enterprise sap 15
0.100.3-3.14.1
fixed
suse enterprise sap 15 SP1
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP2
0.100.3-3.14.1
fixed
suse enterprise sap 15 SP3
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP4
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP5
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP6
0.103.11-150600.16.7
fixed
suse enterprise sap 15 SP7
1.4.2-150600.18.9.3
fixed
suse enterprise server 12 SP1
0.100.3-33.26.1
fixed
suse enterprise server 12 SP2
0.103.0-33.32.1
fixed
suse enterprise server 12 SP3
0.103.0-33.32.1
fixed
suse enterprise server 12 SP5
0.103.0-3.3.1
fixed
suse enterprise server 15
0.100.3-3.14.1
fixed
suse enterprise server 15 SP1
0.103.0-3.23.1
fixed
suse enterprise server 15 SP2
0.100.3-3.14.1
fixed
suse enterprise server 15 SP3
0.103.0-3.23.1
fixed
suse enterprise server 15 SP4
0.103.0-3.23.1
fixed
suse enterprise server 15 SP5
0.103.0-3.23.1
fixed
suse enterprise server 15 SP6
0.103.11-150600.16.7
fixed
suse enterprise server 15 SP7
1.4.2-150600.18.9.3
fixed
clamav-devel
suse enterprise desktop 15
0.100.3-3.14.1
fixed
suse enterprise desktop 15 SP1
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP2
0.100.3-3.14.1
fixed
suse enterprise desktop 15 SP3
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP4
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP5
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP6
0.103.11-150600.16.7
fixed
suse enterprise desktop 15 SP7
1.4.2-150600.18.9.3
fixed
suse enterprise sap 15
0.100.3-3.14.1
fixed
suse enterprise sap 15 SP1
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP2
0.100.3-3.14.1
fixed
suse enterprise sap 15 SP3
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP4
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP5
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP6
0.103.11-150600.16.7
fixed
suse enterprise sap 15 SP7
1.4.2-150600.18.9.3
fixed
suse enterprise server 15
0.100.3-3.14.1
fixed
suse enterprise server 15 SP1
0.103.0-3.23.1
fixed
suse enterprise server 15 SP2
0.100.3-3.14.1
fixed
suse enterprise server 15 SP3
0.103.0-3.23.1
fixed
suse enterprise server 15 SP4
0.103.0-3.23.1
fixed
suse enterprise server 15 SP5
0.103.0-3.23.1
fixed
suse enterprise server 15 SP6
0.103.11-150600.16.7
fixed
suse enterprise server 15 SP7
1.4.2-150600.18.9.3
fixed
clamav-docs-html
suse enterprise desktop 15 SP7
1.4.2-150600.18.9.3
fixed
suse enterprise sap 15 SP7
1.4.2-150600.18.9.3
fixed
suse enterprise server 15 SP7
1.4.2-150600.18.9.3
fixed
clamav-milter
suse enterprise desktop 15 SP7
1.4.2-150600.18.9.3
fixed
suse enterprise sap 15 SP7
1.4.2-150600.18.9.3
fixed
suse enterprise server 15 SP7
1.4.2-150600.18.9.3
fixed
libbz2-1
suse enterprise desktop 15
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP1
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP2
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP3
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP4
1.0.8-150400.1.122
fixed
suse enterprise desktop 15 SP5
1.0.8-150400.1.122
fixed
suse enterprise desktop 15 SP6
1.0.8-150400.1.122
fixed
suse enterprise desktop 15 SP7
1.0.8-150400.1.122
fixed
suse enterprise sap 12 SP2
1.0.6-30.8.1
fixed
suse enterprise sap 12 SP3
1.0.6-30.8.1
fixed
suse enterprise sap 12 SP5
1.0.6-30.8.1
fixed
suse enterprise sap 15
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP1
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP2
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP3
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP4
1.0.8-150400.1.122
fixed
suse enterprise sap 15 SP5
1.0.8-150400.1.122
fixed
suse enterprise sap 15 SP6
1.0.8-150400.1.122
fixed
suse enterprise sap 15 SP7
1.0.8-150400.1.122
fixed
suse enterprise server 12 SP1
1.0.6-30.8.1
fixed
suse enterprise server 12 SP2
1.0.6-30.8.1
fixed
suse enterprise server 12 SP3
1.0.6-30.8.1
fixed
suse enterprise server 12 SP5
1.0.6-30.8.1
fixed
suse enterprise server 15
1.0.6-5.9.1
fixed
suse enterprise server 15 SP1
1.0.6-5.9.1
fixed
suse enterprise server 15 SP2
1.0.6-5.9.1
fixed
suse enterprise server 15 SP3
1.0.6-5.9.1
fixed
suse enterprise server 15 SP4
1.0.8-150400.1.122
fixed
suse enterprise server 15 SP5
1.0.8-150400.1.122
fixed
suse enterprise server 15 SP6
1.0.8-150400.1.122
fixed
suse enterprise server 15 SP7
1.0.8-150400.1.122
fixed
libbz2-1-32bit
suse enterprise desktop 15
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP1
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP2
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP3
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP4
1.0.8-150400.1.122
fixed
suse enterprise desktop 15 SP5
1.0.8-150400.1.122
fixed
suse enterprise desktop 15 SP6
1.0.8-150400.1.122
fixed
suse enterprise desktop 15 SP7
1.0.8-150400.1.122
fixed
suse enterprise sap 12 SP2
1.0.6-30.8.1
fixed
suse enterprise sap 12 SP3
1.0.6-30.8.1
fixed
suse enterprise sap 12 SP5
1.0.6-30.8.1
fixed
suse enterprise sap 15
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP1
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP2
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP3
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP4
1.0.8-150400.1.122
fixed
suse enterprise sap 15 SP5
1.0.8-150400.1.122
fixed
suse enterprise sap 15 SP6
1.0.8-150400.1.122
fixed
suse enterprise sap 15 SP7
1.0.8-150400.1.122
fixed
suse enterprise server 12 SP1
1.0.6-30.8.1
fixed
suse enterprise server 12 SP2
1.0.6-30.8.1
fixed
suse enterprise server 12 SP3
1.0.6-30.8.1
fixed
suse enterprise server 12 SP5
1.0.6-30.8.1
fixed
suse enterprise server 15
1.0.6-5.9.1
fixed
suse enterprise server 15 SP1
1.0.6-5.9.1
fixed
suse enterprise server 15 SP2
1.0.6-5.9.1
fixed
suse enterprise server 15 SP3
1.0.6-5.9.1
fixed
suse enterprise server 15 SP4
1.0.8-150400.1.122
fixed
suse enterprise server 15 SP5
1.0.8-150400.1.122
fixed
suse enterprise server 15 SP6
1.0.8-150400.1.122
fixed
suse enterprise server 15 SP7
1.0.8-150400.1.122
fixed
libbz2-devel
suse enterprise desktop 15
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP1
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP2
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP3
1.0.6-5.9.1
fixed
suse enterprise desktop 15 SP4
1.0.8-150400.1.122
fixed
suse enterprise desktop 15 SP5
1.0.8-150400.1.122
fixed
suse enterprise desktop 15 SP6
1.0.8-150400.1.122
fixed
suse enterprise desktop 15 SP7
1.0.8-150400.1.122
fixed
suse enterprise sap 15
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP1
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP2
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP3
1.0.6-5.9.1
fixed
suse enterprise sap 15 SP4
1.0.8-150400.1.122
fixed
suse enterprise sap 15 SP5
1.0.8-150400.1.122
fixed
suse enterprise sap 15 SP6
1.0.8-150400.1.122
fixed
suse enterprise sap 15 SP7
1.0.8-150400.1.122
fixed
suse enterprise server 15
1.0.6-5.9.1
fixed
suse enterprise server 15 SP1
1.0.6-5.9.1
fixed
suse enterprise server 15 SP2
1.0.6-5.9.1
fixed
suse enterprise server 15 SP3
1.0.6-5.9.1
fixed
suse enterprise server 15 SP4
1.0.8-150400.1.122
fixed
suse enterprise server 15 SP5
1.0.8-150400.1.122
fixed
suse enterprise server 15 SP6
1.0.8-150400.1.122
fixed
suse enterprise server 15 SP7
1.0.8-150400.1.122
fixed
libclamav12
suse enterprise desktop 15 SP7
1.4.2-150600.18.9.3
fixed
suse enterprise sap 15 SP7
1.4.2-150600.18.9.3
fixed
suse enterprise server 15 SP7
1.4.2-150600.18.9.3
fixed
libclamav7
suse enterprise desktop 15
0.100.3-3.14.1
fixed
suse enterprise desktop 15 SP1
0.100.3-3.14.1
fixed
suse enterprise desktop 15 SP2
0.100.3-3.14.1
fixed
suse enterprise sap 15
0.100.3-3.14.1
fixed
suse enterprise sap 15 SP1
0.100.3-3.14.1
fixed
suse enterprise sap 15 SP2
0.100.3-3.14.1
fixed
suse enterprise server 15
0.100.3-3.14.1
fixed
suse enterprise server 15 SP1
0.100.3-3.14.1
fixed
suse enterprise server 15 SP2
0.100.3-3.14.1
fixed
libclamav9
suse enterprise desktop 15 SP1
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP2
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP3
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP4
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP5
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP6
0.103.11-150600.16.7
fixed
suse enterprise sap 15 SP1
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP2
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP3
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP4
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP5
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP6
0.103.11-150600.16.7
fixed
suse enterprise server 15 SP1
0.103.0-3.23.1
fixed
suse enterprise server 15 SP2
0.103.0-3.23.1
fixed
suse enterprise server 15 SP3
0.103.0-3.23.1
fixed
suse enterprise server 15 SP4
0.103.0-3.23.1
fixed
suse enterprise server 15 SP5
0.103.0-3.23.1
fixed
suse enterprise server 15 SP6
0.103.11-150600.16.7
fixed
libclammspack0
suse enterprise desktop 15
0.100.3-3.14.1
fixed
suse enterprise desktop 15 SP1
0.100.3-3.14.1
fixed
suse enterprise desktop 15 SP2
0.100.3-3.14.1
fixed
suse enterprise desktop 15 SP7
1.4.2-150600.18.9.3
fixed
suse enterprise sap 15
0.100.3-3.14.1
fixed
suse enterprise sap 15 SP1
0.100.3-3.14.1
fixed
suse enterprise sap 15 SP2
0.100.3-3.14.1
fixed
suse enterprise sap 15 SP7
1.4.2-150600.18.9.3
fixed
suse enterprise server 15
0.100.3-3.14.1
fixed
suse enterprise server 15 SP1
0.100.3-3.14.1
fixed
suse enterprise server 15 SP2
0.100.3-3.14.1
fixed
suse enterprise server 15 SP7
1.4.2-150600.18.9.3
fixed
libfreshclam2
suse enterprise desktop 15 SP1
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP2
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP3
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP4
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP5
0.103.0-3.23.1
fixed
suse enterprise desktop 15 SP6
0.103.11-150600.16.7
fixed
suse enterprise sap 15 SP1
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP2
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP3
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP4
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP5
0.103.0-3.23.1
fixed
suse enterprise sap 15 SP6
0.103.11-150600.16.7
fixed
suse enterprise server 15 SP1
0.103.0-3.23.1
fixed
suse enterprise server 15 SP2
0.103.0-3.23.1
fixed
suse enterprise server 15 SP3
0.103.0-3.23.1
fixed
suse enterprise server 15 SP4
0.103.0-3.23.1
fixed
suse enterprise server 15 SP5
0.103.0-3.23.1
fixed
suse enterprise server 15 SP6
0.103.11-150600.16.7
fixed
libfreshclam3
suse enterprise desktop 15 SP7
1.4.2-150600.18.9.3
fixed
suse enterprise sap 15 SP7
1.4.2-150600.18.9.3
fixed
suse enterprise server 15 SP7
1.4.2-150600.18.9.3
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
bzip2
RHEL 8
0:1.0.6-28.el8_10
fixed
RHEL 9
0:1.0.8-10.el9_5
fixed
bzip2-devel
RHEL 8
0:1.0.6-28.el8_10
fixed
RHEL 9
0:1.0.8-10.el9_5
fixed
bzip2-libs
RHEL 8
0:1.0.6-28.el8_10
fixed
RHEL 9
0:1.0.8-10.el9_5
fixed
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html
http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html
http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html
https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc
https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774%40%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4%40%3Cuser.flink.apache.org%3E
https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html
https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html
https://seclists.org/bugtraq/2019/Aug/4
https://seclists.org/bugtraq/2019/Jul/22
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc
https://support.f5.com/csp/article/K68713584?utm_source=f5support&amp%3Butm_medium=RSS
https://usn.ubuntu.com/4038-1/
https://usn.ubuntu.com/4038-2/
https://usn.ubuntu.com/4146-1/
https://usn.ubuntu.com/4146-2/
https://www.oracle.com/security-alerts/cpuoct2020.html
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html
http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html
http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html
https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc
https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b%40%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774%40%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4%40%3Cuser.flink.apache.org%3E
https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html
https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html
https://seclists.org/bugtraq/2019/Aug/4
https://seclists.org/bugtraq/2019/Jul/22
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc
https://support.f5.com/csp/article/K68713584?utm_source=f5support&amp%3Butm_medium=RSS
https://usn.ubuntu.com/4038-1/
https://usn.ubuntu.com/4038-2/
https://usn.ubuntu.com/4146-1/
https://usn.ubuntu.com/4146-2/
https://www.oracle.com/security-alerts/cpuoct2020.html