Red Hat Product Errata RHSA-2025:0733 - Security Advisory
Issued:
2025-01-28
Updated:
2025-01-28

RHSA-2025:0733 - Security Advisory

Synopsis

Moderate: bzip2 security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for bzip2 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The bzip2 packages contain a freely available, high-quality data compressor. It provides both standalone compression and decompression utilities, as well as a shared library for use with other programs.

Security Fix(es):

  • bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail). (CVE-2019-12900)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

  • BZ - 2332075 - CVE-2019-12900 bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail).
  • RHEL-67824 - Recent bzip2 RHEL8 update breaks data integrity tests

Red Hat Enterprise Linux for x86_64 8

SRPM
bzip2-1.0.6-28.el8_10.src.rpm SHA-256: 9c1d697f675f5889c57e7f983afa4b3e3f6e2334887ded9d7c10c5a205d1b06a
x86_64
bzip2-1.0.6-28.el8_10.x86_64.rpm SHA-256: 917530892588f7815853b06bd6a8ed26137824f913be1949bd59a5090d673ab2
bzip2-debuginfo-1.0.6-28.el8_10.i686.rpm SHA-256: 84c99110f902c2ce07f25e017fe2c36d58ac836df43ebc5c3e6d4574297bfd07
bzip2-debuginfo-1.0.6-28.el8_10.x86_64.rpm SHA-256: 72e486be47114f944ec50d6b9d9c9d49f37148291973e4c4b623e212d591d8b1
bzip2-debugsource-1.0.6-28.el8_10.i686.rpm SHA-256: 9144de1aae0f7d63e137e2c4a379f494db66cb0907592f8742dc6a269ddd46ca
bzip2-debugsource-1.0.6-28.el8_10.x86_64.rpm SHA-256: bb9796d3289e462cb84cc5563cd67abeb8ef30673fd97ddf1ab9a1e1a0817118
bzip2-devel-1.0.6-28.el8_10.i686.rpm SHA-256: e74b9c51172e50c940657f08ef2cf733e39da43504ba6c989db3344008ef2978
bzip2-devel-1.0.6-28.el8_10.x86_64.rpm SHA-256: 81a7a4bcd1bbfd0a276c8a49a2265be8be1adac1b1696c4d67349dde286b92d7
bzip2-libs-1.0.6-28.el8_10.i686.rpm SHA-256: 16cb410eafd4989c7b1244245418d8ddac9cbe085aaea2635c4bc0536382f05f
bzip2-libs-1.0.6-28.el8_10.x86_64.rpm SHA-256: dc8a416dd88d361bbf9e324903ebbd75e79fb856fc0db0769e7bab96b3212364
bzip2-libs-debuginfo-1.0.6-28.el8_10.i686.rpm SHA-256: e6fb10488e2e8c9a92d7d5b3731774e345d5f37c6e6e5a088d4c992e2e4560e1
bzip2-libs-debuginfo-1.0.6-28.el8_10.x86_64.rpm SHA-256: 41b21692d05a3e7a9c08d7c9866a281a8a62e402312fac7260f9af3027fa4e99

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
bzip2-1.0.6-28.el8_10.src.rpm SHA-256: 9c1d697f675f5889c57e7f983afa4b3e3f6e2334887ded9d7c10c5a205d1b06a
s390x
bzip2-1.0.6-28.el8_10.s390x.rpm SHA-256: 8e15ec06b3d89b5b84cfb81d3cd18df1822517dee1d3e4de7df1b2262f484736
bzip2-debuginfo-1.0.6-28.el8_10.s390x.rpm SHA-256: 85a17bfe6862c7133ad0a164ec07cec37b5e6050f689e68cc4d9992354e5cafe
bzip2-debugsource-1.0.6-28.el8_10.s390x.rpm SHA-256: 4bcdfa539114a8c4cf6057e597cb6f0ec7c623713b45dd5a41775848c3119588
bzip2-devel-1.0.6-28.el8_10.s390x.rpm SHA-256: f6c576abea97dde96500aaef36f9ef449ac918e9fe3e91033c1e19d4a428573a
bzip2-libs-1.0.6-28.el8_10.s390x.rpm SHA-256: 493c670f7ced70cbaca38bc9a55d591fdcdfc6f7c32f51b000d5545b98b4f891
bzip2-libs-debuginfo-1.0.6-28.el8_10.s390x.rpm SHA-256: 8cdd89675051f5921bba415c273786faed63226119d1dffcf8bab13064525be5

Red Hat Enterprise Linux for Power, little endian 8

SRPM
bzip2-1.0.6-28.el8_10.src.rpm SHA-256: 9c1d697f675f5889c57e7f983afa4b3e3f6e2334887ded9d7c10c5a205d1b06a
ppc64le
bzip2-1.0.6-28.el8_10.ppc64le.rpm SHA-256: 4c1c90dc5d60ace35e64957278cd90e9ada5f6294dcf9ebd263e8c9c5f6edff7
bzip2-debuginfo-1.0.6-28.el8_10.ppc64le.rpm SHA-256: c91cb5e20161d8dbe44fd247d017ac5ba964c5ef26ee400c26af700c70b2a2bb
bzip2-debugsource-1.0.6-28.el8_10.ppc64le.rpm SHA-256: e3af01b0343e124a2f2abc572c67d7c347963651dbf2c25050311d6abce82514
bzip2-devel-1.0.6-28.el8_10.ppc64le.rpm SHA-256: 9f581ec004a62da4932f7e6f345091f245c888a3faf5dfb1de9671b02c626b1a
bzip2-libs-1.0.6-28.el8_10.ppc64le.rpm SHA-256: 7dfc762abd1aee8de47d1501ebb45e46f30acae52afa50dc6946f926f890fa94
bzip2-libs-debuginfo-1.0.6-28.el8_10.ppc64le.rpm SHA-256: ac2c24ddfd4ffcaead06a18cae12e5a2c15e01edeac97b44132cae70d398540a

Red Hat Enterprise Linux for ARM 64 8

SRPM
bzip2-1.0.6-28.el8_10.src.rpm SHA-256: 9c1d697f675f5889c57e7f983afa4b3e3f6e2334887ded9d7c10c5a205d1b06a
aarch64
bzip2-1.0.6-28.el8_10.aarch64.rpm SHA-256: 3326455c7b98ea42265424a283914b509d2ab0cf45ed0c2a86e873458322b6bd
bzip2-debuginfo-1.0.6-28.el8_10.aarch64.rpm SHA-256: 6df292cb1aa64ee98b4bab4c21a005153fda4242adc2f00210bc38bb12f0cd68
bzip2-debugsource-1.0.6-28.el8_10.aarch64.rpm SHA-256: d109d58facd8c05e737b2279684c477477e3da15558e6701fb6fe99f758885c7
bzip2-devel-1.0.6-28.el8_10.aarch64.rpm SHA-256: fa1156d5583fcf24f0511875d2c7eab35e8ca68c1003953b62bc9c7a44ae8b14
bzip2-libs-1.0.6-28.el8_10.aarch64.rpm SHA-256: ebbecc508e327ebad11b8847ff832a482bec8a061d082a76654cc16ca9dd6aba
bzip2-libs-debuginfo-1.0.6-28.el8_10.aarch64.rpm SHA-256: 709ad6f32cf470ada1fe65012158c6c960293641b177985ea72e66db9c6c85e3

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.