CVE-2005-1260

Publication date 19 May 2005

Last updated 24 July 2024

Ubuntu priority

bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a “decompression bomb”).

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
bzip2	7.04 feisty	Fixed 1.0.3-0ubuntu2
	6.10 edgy	Fixed 1.0.3-0ubuntu2
	6.06 LTS dapper	Fixed 1.0.3-0ubuntu2

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-127-1
bzip2 vulnerabilities
17 May 2005

Other references

https://www.cve.org/CVERecord?id=CVE-2005-1260