inftrees.h in zlib 1.2.2 allows remote malicious users to cause a denial of service (application crash) via an invalid file that causes a large dynamic tree to be produced.
Synopsis
zlib security update
Type/Severity
Security Advisory: Important
Topic
Updated zlib packages that fix a buffer overflow are now available for RedHat Enterprise Linux 4This update has been rated as having important security impact by the RedHat Security Response Team
Description
Zl ...
USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could
be exploited to cause Denial of Service attacks or even arbitrary code
execution with malicious data streams ...
USN-148-1 fixed an improver input verification of zlib
(CAN-2005-2096) Markus Oberhumer discovered additional ways a
disrupted stream could trigger a buffer overflow and crash the
application using zlib, so another update is necessary ...
USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could
be exploited to cause Denial of Service attacks or even arbitrary code
execution with malicious data streams ...
USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could
be exploited to cause Denial of Service attacks or even arbitrary code
execution with malicious data streams ...
zsync, a file transfer program, includes a modified local copy of
the zlib library, and is vulnerable to certain bugs fixed previously
in the zlib package
There was a build error for the sarge i386 proftpd packages released in
DSA 797-1 A new build, zsync_033-1sarge12, has been prepared to
correct this error The packages for other architect ...
Markus Oberhumer discovered a flaw in the way zlib, a library used for
file compression and decompression, handles invalid input This flaw can
cause programs which use zlib to crash when opening an invalid file
A further error in the way zlib handles the inflation of certain
compressed files can cause a program which uses zlib to crash when openi ...
Markus Oberhumer discovered a flaw in the way zlib, a library used for
file compression and decompression, handles invalid input This flaw can
cause programs which use zlib to crash when opening an invalid file
This problem does not affect the old stable distribution (woody)
For the current stable distribution (sarge), this problem has been fixe ...