Debian Bug report logs -
#1016710
zlib: CVE-2022-37434
Package:
src:zlib;
Maintainer for src:zlib is Mark Brown <broonie@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 5 Aug 2022 19:30:02 UTC
Severity: important
Tags: security, upstream
Found in versions zlib/1:1211dfsg-1, zlib/1:1 ...
Evgeny Legerov reported a heap-based buffer overflow vulnerability in
the inflate operation in zlib, which could result in denial of service
or potentially the execution of arbitrary code if specially crafted
input is processed
For the stable distribution (bullseye), this problem has been fixed in
version 1:1211dfsg-2+deb11u2
We recommend that ...
A security vulnerability was found in zlib The flaw triggered a heap-based buffer in inflate in the inflatec function via a large gzip header extra field This flaw is only applicable in the call inflateGetHeader (CVE-2022-37434) ...
A security vulnerability was found in zlib The flaw triggered a heap-based buffer in inflate in the inflatec function via a large gzip header extra field This flaw is only applicable in the call inflateGetHeader (CVE-2022-37434) ...
A security vulnerability was found in zlib The flaw triggered a heap-based buffer in inflate in the inflatec function via a large gzip header extra field This flaw is only applicable in the call inflateGetHeader (CVE-2022-37434) ...
zlib through 1212 has a heap-based buffer over-read or buffer overflow in inflate in inflatec via a large gzip header extra field NOTE: only applications that call inflateGetHeader are affected Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (eg, see the nodejs/node reference) ...
Severity
Unknown
Remote
Unknown
Type
Unknown
Description
AVG-2821
zlib
1:1212-2
1:1212-3
Unknown
Fixed ...
Synopsis
Important: OpenShift Container Platform 41112 security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 41112 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security impac ...
Synopsis
Moderate: zlib security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for zlib is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as having a security ...
Synopsis
Moderate: Service Binding Operator 131 security update
Type/Severity
Security Advisory: Moderate
Topic
An update for service-binding-operator-bundle-container and service-binding-operator-container is now available for OpenShift Developer Tools and Services for OCP 49Red Hat Product Security has rated this update as having a secu ...
Synopsis
Moderate: rsync security and bug fix update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for rsync is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as hav ...
Synopsis
Moderate: zlib security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for zlib is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security ...
Synopsis
Moderate: rsync security and enhancement update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for rsync is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as ...
Synopsis
Moderate: Openshift Logging 5313 security and bug fix release
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for OpenShift Logging 53Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed se ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 248 security fixes and container updates
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 248 GeneralAvailability release images, which fix security issuesRed Hat Product Security has rated this update as having a security impactof Mo ...
Synopsis
Moderate: Logging Subsystem 554 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Moderate
Topic
Logging Subsystem 554 - Red Hat OpenShiftRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Synopsis
Moderate: zlib security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for zlib is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security ...
Synopsis
Moderate: rsync security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for rsync is now available for Red Hat Enterprise Linux 86 Extended Update SupportRed Hat Product Security has rated this ...
Synopsis
Moderate: OpenShift API for Data Protection (OADP) 111 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
OpenShift API for Data Protection (OADP) 111 is now availableRed Hat Product Security has rated this update as having a security impactof Moderate A Common Vulnerability Scoring System (CVSS) base s ...
Synopsis
Low: Release of OpenShift Serverless 1260
Type/Severity
Security Advisory: Low
Topic
Release of OpenShift Serverless 1260The References section contains CVE links providing detailed severity ratingsfor each vulnerability Ratings are based on a Common Vulnerability ScoringSystem (CVSS) base score
Description
Version 1260 of ...
Synopsis
Important: Red Hat OpenShift Service Mesh 231 Containers security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Service Mesh 231 ContainersRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a deta ...
Synopsis
Important: updated rh-sso-7/sso76-openshift-rhel8 container and operator related images
Type/Severity
Security Advisory: Important
Topic
Updated rh-sso-7/sso76-openshift-rhel8 container image and rh-sso-7/sso7-rhel8-operator-bundle image is now available for RHEL-8 based Middleware ContainersRed Hat Product Security has rated this u ...
Synopsis
Moderate: Logging Subsystem 555 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Moderate
Topic
Logging Subsystem 555 - Red Hat OpenShiftRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Synopsis
Important: Migration Toolkit for Runtimes security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Migration Toolkit for Runtimes (v101)Red Hat Product Security has rated this update as having a security impactof Important A Common Vulnerability Scoring System (CVSS) base score, whichgives a ...
Synopsis
Important: Red Hat Advanced Cluster Management 263 security update
Type/Severity
Security Advisory: Important
Topic
Red Hat Advanced Cluster Management for Kubernetes 263 GeneralAvailability release images, which provide security updates, fix bugs, and update container imagesRed Hat Product Security has rated this update as havi ...
Synopsis
Moderate: Logging Subsystem 548 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Logging subsystem for Red Hat OpenShift 54Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base scor ...
Synopsis
Important: OpenShift Container Platform 41145 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 41145 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift ...
Synopsis
Moderate: Openshift Logging 5314 bug fix release and security update
Type/Severity
Security Advisory: Moderate
Topic
Openshift Logging Bug Fix Release (5314)Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Synopsis
Moderate: Migration Toolkit for Containers (MTC) 176 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
The Migration Toolkit for Containers (MTC) 176 is now availableRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2451 SP1 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Core ServicesRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base sco ...
Synopsis
Important: Red Hat OpenShift Data Foundation 4130 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4130 on Red Hat Enterprise Linux 9Red Hat ...
Synopsis
Important: OpenShift Virtualization 4120 Images security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 412 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security impact of ...
Synopsis
Moderate: OpenShift Virtualization 4111 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Virtualization release 4111 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security impac ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 262 security update and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 262 GeneralAvailability release images, which fix bugs and update container imagesRed Hat Product Security has rated this update as having a security i ...
About Apple security updates
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page
Apple security documents reference vulnerabilities by CVE-ID  ...
ALAS-2022-252
Amazon Linux 2022 Security Advisory: ALAS-2022-252
Advisory Release Date: 2022-12-06 16:45 Pacific
...
A flaw was found in rsync that is triggered by a victim rsync user/client connecting to a malicious rsync server The server can copy and overwrite arbitrary files in the client's rsync target directory and subdirectories This flaw allows a malicious server, or in some cases, another attacker who performs a man-in-the-middle attack, to potentially ...
An out-of-bounds access flaw was found in zlib, which allows memory corruption when deflating (ex: when compressing) if the input has many distant matches For some rare inputs with a large number of distant matches (crafted payloads), the buffer into which the compressed or deflated data is written can overwrite the distance symbol table which it ...