[3.7] bzip2: out-of-bounds write in function BZ2_decompress (CVE-2019-12900)
BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an
write when there are many selectors.
(from redmine: issue id 10647, created on 2019-07-02, closed on 2019-07-09)
main/bzip2: add patch for CVE-2019-12900 Adding the upstream bzip2 security patch to fix the out of bounds security vulnerability in bzip2. fixes #10647