BWA Software Security Vulnerability

Category: 
Resolution: 
Resolved

Due to a recent software vulnerability discovered in bwa versions 0.7.17 and 0.7.13, it is highly recommended to immediately stop using these versions and instead use bwa/0.7.17-r1198 which contains a patch to mitigate this vulnerability.

If one continues to run the un-patched version of bwa, they may be exposing sensitive data to unauthorized persons. 

Details on the vulnerability can be found in the following webpages: 

https://nvd.nist.gov/vuln/detail/CVE-2019-10269#vulnCurrentDescriptionTitle 

https://coreymhudson.github.io/bwa_vulnerabilties/

Please contact OSC Help if there are any questions or concerns.