Msrc Cm1 Bzip2 1.0.6-15 On Cbl Mariner 1.0 vulnerabilities

CVE-2019-12900 [CRITICAL] CWE-787 BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bounds write when there are many selectors. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the comm

CVE-2016-3189 [MEDIUM] Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file related to block ends set to before the start of the b Use-after-free vulnerability in bzip2recover in bzip2 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted bzip2 file related to block ends set to before the start of the block. FAQ: Is Azure Linux the only Microsoft product that includes this ope