bzip2 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1140964547
업데이트 : 2006.02.26
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows
local users to execute arbitrary commands via filenames that are injected into
a sed script.
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions
of arbitrary files via a hard link attack on a file while it is being decompressed,
whose permissions are changed by bzip2 after the decompression is complete.
bzip2 allows remote attackers to cause a denial of service (hard drive consumption)
via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
Autoupdates 지원 : 지원