Re: [SECURITY] [DSA 122-1] New zlib & other packages fix buffer overflow

To: <jorel@austin.rr.com>
Cc: <security@debian.org>, <debian-security@lists.debian.org>
Subject: Re: [SECURITY] [DSA 122-1] New zlib & other packages fix buffer overflow
From: Adam Heath <doogie@debian.org>
Date: Mon, 11 Mar 2002 20:01:28 -0600 (CST)
Message-id: <[🔎] Pine.LNX.4.33.0203112000390.22804-100000@gradall.private.brainfood.com>
In-reply-to: <[🔎] Pine.LNX.3.96.1020311171450.4501A-100000@trillian.megadodo.umb>

On Mon, 11 Mar 2002, Jor-el wrote:

> > The zlib vulnerability is fixed in the Debian zlib package version
> > 1.1.3-5.1. A number of programs either link statically to zlib or include
> > a private copy of zlib code. These programs must also be upgraded
> > to eliminate the zlib vulnerability. The affected packages and fixed
> > versions follow:
> >   amaya 2.4-1potato1
> >   dictd 1.4.9-9potato1
> >   erlang 49.1-10.1
> >   freeamp 2.0.6-2.1
> >   mirrordir 0.10.48-2.1
> >   ppp 2.3.11-1.5
> >   rsync 2.3.2-1.6
> >   vrweb 1.5-5.1
> >
> Hi,
>
> 	Doesnt dpkg also compile with a static zlib? Why does it not make
> this list?

It does, and you are correct.  I guess an upload will be forthcoming from me.
There also happens to be an assertion bug that I have a fix for as well.

Reply to:

References:
- Re: [SECURITY] [DSA 122-1] New zlib & other packages fix buffer overflow
  - From: Jor-el <jorel@trillian.megadodo.umb>

Prev by Date: Re: [SECURITY] [DSA 122-1] New zlib & other packages fix buffer overflow
Next by Date: Re: [SECURITY] [DSA 122-1] New zlib & other packages fix buffer overflow
Previous by thread: Re: [SECURITY] [DSA 122-1] New zlib & other packages fix buffer overflow
Next by thread: Re: [SECURITY] [DSA 122-1] New zlib & other packages fix buffer overflow
Index(es):
- Date
- Thread