Re: Addressing the recent zlib issue

To: debian-security@lists.debian.org
Subject: Re: Addressing the recent zlib issue
From: Florian Weimer <fw@deneb.enyo.de>
Date: Tue, 12 Jul 2005 17:59:01 +0200
Message-id: <[🔎] 87slyk10e2.fsf@deneb.enyo.de>
In-reply-to: <[🔎] 87pstqzrqo.fsf@deneb.enyo.de> (Florian Weimer's message of "Sun, 10 Jul 2005 15:59:43 +0200")
References: <[🔎] 87pstqzrqo.fsf@deneb.enyo.de>

* Florian Weimer:

> Is anybody looking at this problem in a systematic manner, or should I
> just file bugs on the more likely candidates for a security update
> (dpkg and zysnc, based on the list above and assuming that 1.1 is
> indeed not affected).

In the meantime, I've created Clamav signatures for detecting
potentially vulnerable copies of zlib, based on data provided by Mark
Adler:

  http://www.enyo.de/fw/security/zlib-fingerprint/

If you've got a reasonable complete copy of the Debian package pool
and you are willing to run Clamav across it, please respond to this
message.

Reply to:

Follow-Ups:
- Re: Addressing the recent zlib issue
  - From: Mark Brown <broonie@sirena.org.uk>

References:
- Addressing the recent zlib issue
  - From: Florian Weimer <fw@deneb.enyo.de>

Prev by Date: New squid packages 2.4.6-2woody9 restarts very often.
Next by Date: Re: New squid packages 2.4.6-2woody9 restarts very often.
Previous by thread: Re: Addressing the recent zlib issue
Next by thread: Re: Addressing the recent zlib issue
Index(es):
- Date
- Thread