Re: [SECURITY] [DSA 740-1] New zlib packages fix denial of service

To: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 740-1] New zlib packages fix denial of service
From: Roberto Gordo Saez <roberto.gordo@linalco.com>
Date: Thu, 7 Jul 2005 09:46:30 +0200
Message-id: <[🔎] E1DqR5b-0004Tw-00@linalco.com>
In-reply-to: <E1DqB93-0004HF-00@klecker.debian.org>
References: <E1DqB93-0004HF-00@klecker.debian.org>

On Wed, Jul 06, 2005 at 04:45:01PM +0200, Michael Stone wrote:
> - ------------------------------------------------------------------------
> Debian Security Advisory DSA 740-1                   security@debian.org
> http://www.debian.org/security/                            Michael Stone
> July 06, 2005                         http://www.debian.org/security/faq
> - ------------------------------------------------------------------------
> 
> Package        : zlib
> Vulnerability  : buffer overflow
> Problem type   : remote DOS
> Debian-specific: no
> CVE Id(s)      : CAN-2005-2096
> 
> An error in the way zlib handles the inflation of certain compressed
> files can cause a program which uses zlib to crash when opening an
> invalid file. 
> 
> This problem does not affect the old stable distribution (woody).
> 
> For the stable distribution (sarge), this problem has been fixed in
> version 1.2.2-4.sarge.1.
> 
> For the unstable distribution, this problem has been fixed in version
> 1.2.2-7.
> 
> We recommend that you upgrade your clamav package.

I would prefer to upgrade also my zlib package ;-)

-- 
Roberto Gordo Saez - Free Software Engineer
Linalco "Especialistas en Linux y Software Libre"
http://www.linalco.com/  Tel: +34-914561700

Reply to:

Prev by Date: Ferie / Vacation
Next by Date: Shadow passwords
Previous by thread: Re: Where is the security announcement?
Next by thread: Shadow passwords
Index(es):
- Date
- Thread