Protection Engine Patches for bzip2 vulnerability (CVE-2019-12900)

book

Article ID: 175614

calendar_today

Updated On:

Products

Protection Engine for Cloud Services Protection Engine for NAS

Issue/Introduction

Symantec Protection Engine (SPE) patches for bzip2 vulnerability CVE-2019-12900.

See https://nvd.nist.gov/vuln/detail/CVE-2019-12900 for more information about the vulnerability.

Resolution

Please download appropriate hotfix, which is attached herewith.

Application procedure of hotfix is as follows:

  1. Stop the SPE service.
  2. Go to SPE install location.
  3. Take back up of original files from install location matching with provided files in patch.
  4. Replace the above files with hotfix provided file.
  5. Ensure the permission to newly copied files are identical to backed-up files.
  6. Restart the SPE service.

 

Attachments

SPE_8.0.0_HF09.zip get_app
SPE_7.9.2_HF02_SHA1.txt get_app
SPE_7.9.2_HF02.zip get_app
SPE_7.8.1_HF07.zip get_app
SPE_7.5.5_HF18.zip get_app
SPE_7.0.5_HF08_SHA1.txt get_app
SPE_7.0.5_HF08.zip get_app