Re: [SECURITY] [DSA 122-1] New zlib & other packages fix buffer overflow
On Mon, 11 Mar 2002, Jor-el wrote:
> > The zlib vulnerability is fixed in the Debian zlib package version
> > 1.1.3-5.1. A number of programs either link statically to zlib or include
> > a private copy of zlib code. These programs must also be upgraded
> > to eliminate the zlib vulnerability. The affected packages and fixed
> > versions follow:
> > amaya 2.4-1potato1
> > dictd 1.4.9-9potato1
> > erlang 49.1-10.1
> > freeamp 2.0.6-2.1
> > mirrordir 0.10.48-2.1
> > ppp 2.3.11-1.5
> > rsync 2.3.2-1.6
> > vrweb 1.5-5.1
> >
> Hi,
>
> Doesnt dpkg also compile with a static zlib? Why does it not make
> this list?
It does, and you are correct. I guess an upload will be forthcoming from me.
There also happens to be an assertion bug that I have a fix for as well.
Reply to: