diff -r 4e3569555a4b -r caba7851f931 components/bzip2/patches/CVE-2016-3189.patch
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/bzip2/patches/CVE-2016-3189.patch	Thu Jun 23 12:40:18 2016 -0700
@@ -0,0 +1,18 @@
+Fix for CVE-2016-3189.
+
+For more details see:
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1319648
+
+Fix is already known upstream.
+
+--- bzip2-1.0.6/bzip2recover.c.orig	2016-06-20 14:21:27.313740691 -0700
++++ bzip2-1.0.6/bzip2recover.c	2016-06-20 14:22:04.258099956 -0700
+@@ -457,6 +457,7 @@
+             bsPutUChar ( bsWr, 0x50 ); bsPutUChar ( bsWr, 0x90 );
+             bsPutUInt32 ( bsWr, blockCRC );
+             bsClose ( bsWr );
++            outFile = NULL;
+          }
+          if (wrBlock >= rbCtr) break;
+          wrBlock++;