安全公告详情

NS-SA-2026-0013

2026-03-04 16:02:51

简介

moderate: bzip2/util-linux security update

严重级别

moderate

主题

An update for bzip2/util-linux is now available for NewStart CGSL MAIN 6.06.
NewStart Security has rated this update as having a security impact of moderate. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.

详细描述

bzip2:
util-linux:


Security Fix(es):
bzip2: A use-after-free flaw was found in bzip2recover, leading to a null pointer dereference, or a write to a closed file descriptor. An attacker could use this flaw by sending a specially crafted bzip2 file to recover and force the program to crash.(CVE-2016-3189)
bzip2: bugfix
util-linux: Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.(CVE-2014-9114)
util-linux: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 6.06.01B6.

影响组件

  • bzip2
  • util-linux

影响产品

  • CGSL MAIN 6.06 (SP)

更新包

{"fix":[{"product":"CGSL MAIN 6.06 (SP)","pkgs":[{"binary":["bzip2-1.0.6-26.zncgsl6.t1.0.x86_64.rpm","bzip2-devel-1.0.6-26.zncgsl6.t1.0.x86_64.rpm","bzip2-libs-1.0.6-26.zncgsl6.t1.0.x86_64.rpm"],"source":"bzip2-1.0.6-26.zncgsl6.t1.0.src.rpm"},{"binary":["libblkid-2.32.1-35.0.1.zncgsl6.t1.0.x86_64.rpm","libblkid-devel-2.32.1-35.0.1.zncgsl6.t1.0.x86_64.rpm","libfdisk-2.32.1-35.0.1.zncgsl6.t1.0.x86_64.rpm","libmount-2.32.1-35.0.1.zncgsl6.t1.0.x86_64.rpm","libsmartcols-2.32.1-35.0.1.zncgsl6.t1.0.x86_64.rpm","libuuid-2.32.1-35.0.1.zncgsl6.t1.0.x86_64.rpm","libuuid-devel-2.32.1-35.0.1.zncgsl6.t1.0.x86_64.rpm","util-linux-2.32.1-35.0.1.zncgsl6.t1.0.x86_64.rpm","util-linux-user-2.32.1-35.0.1.zncgsl6.t1.0.x86_64.rpm"],"source":"util-linux-2.32.1-35.0.1.zncgsl6.t1.0.src.rpm"}]}]}

CVE

参考