lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <E1DqOvt-0001FV-NV@mercury.mandriva.com>
Date: Thu Jul  7 06:28:35 2005
From: security at mandriva.com (Mandriva Security Team)
Subject: MDKSA-2005:112 - Updated zlib packages fix
	vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           zlib
 Advisory ID:            MDKSA-2005:112
 Date:                   July 6th, 2005

 Affected versions:	 10.0, 10.1, 10.2, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 Tavis Ormandy of the Gentoo Security Project discovered a vulnerability
 in zlib where a certain data stream would cause zlib to corrupt a data
 structure, resulting in the linked application to dump core.
 
 The updated packages have been patched to correct this problem.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 45457a67f143e009c4c2e737f72a72cd  10.0/RPMS/zlib1-1.2.1-2.2.100mdk.i586.rpm
 fb9cb92b1149a7210c02480adf847268  10.0/RPMS/zlib1-devel-1.2.1-2.2.100mdk.i586.rpm
 b2eb2e14dda3854176c63e172be0e1dc  10.0/SRPMS/zlib-1.2.1-2.2.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 5c26bbcefa548fb0e0455c49d8cab450  amd64/10.0/RPMS/zlib1-1.2.1-2.2.100mdk.amd64.rpm
 058815a877ca4bda488042afc0a17fac  amd64/10.0/RPMS/zlib1-devel-1.2.1-2.2.100mdk.amd64.rpm
 b2eb2e14dda3854176c63e172be0e1dc  amd64/10.0/SRPMS/zlib-1.2.1-2.2.100mdk.src.rpm

 Mandrakelinux 10.1:
 bf14e4c8290d9034414e26a7d064e409  10.1/RPMS/zlib1-1.2.1.1-3.1.101mdk.i586.rpm
 0b40ecfd8214b1b73910576f48d774d7  10.1/RPMS/zlib1-devel-1.2.1.1-3.1.101mdk.i586.rpm
 bc5f28d5cf15cae679899b9b21ec415c  10.1/SRPMS/zlib-1.2.1.1-3.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 92562565afb652388ba804f62417978e  x86_64/10.1/RPMS/zlib1-1.2.1.1-3.1.101mdk.x86_64.rpm
 db4015970358e24dca4e876d324b3426  x86_64/10.1/RPMS/zlib1-devel-1.2.1.1-3.1.101mdk.x86_64.rpm
 bc5f28d5cf15cae679899b9b21ec415c  x86_64/10.1/SRPMS/zlib-1.2.1.1-3.1.101mdk.src.rpm

 Mandrakelinux 10.2:
 4044d77bc298ed7b5368a275fb033601  10.2/RPMS/zlib1-1.2.2.2-2.1.102mdk.i586.rpm
 bddf58d123f1b91640cafa687b814cd2  10.2/RPMS/zlib1-devel-1.2.2.2-2.1.102mdk.i586.rpm
 ec8ec911005302a927861e61e075164d  10.2/SRPMS/zlib-1.2.2.2-2.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 7ccc1e7502a8223c09dcf04fef816f6a  x86_64/10.2/RPMS/zlib1-1.2.2.2-2.1.102mdk.x86_64.rpm
 0af31a45633b5c9d9e6535949c43d6ad  x86_64/10.2/RPMS/zlib1-devel-1.2.2.2-2.1.102mdk.x86_64.rpm
 ec8ec911005302a927861e61e075164d  x86_64/10.2/SRPMS/zlib-1.2.2.2-2.1.102mdk.src.rpm

 Corporate 3.0:
 51822c133a9f4648e80ca563dc67e0e8  corporate/3.0/RPMS/zlib1-1.2.1-2.2.C30mdk.i586.rpm
 a0d93b089e10b7c77b94fafe5f7dcfbd  corporate/3.0/RPMS/zlib1-devel-1.2.1-2.2.C30mdk.i586.rpm
 d6b8d7110c7c3f9887951ff95dc6a473  corporate/3.0/SRPMS/zlib-1.2.1-2.2.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 2277267171a472b87f509f4df73ef43c  x86_64/corporate/3.0/RPMS/zlib1-1.2.1-2.2.C30mdk.x86_64.rpm
 523c5ab3f3b6fbbe62a00bb5a99ff1db  x86_64/corporate/3.0/RPMS/zlib1-devel-1.2.1-2.2.C30mdk.x86_64.rpm
 d6b8d7110c7c3f9887951ff95dc6a473  x86_64/corporate/3.0/SRPMS/zlib-1.2.1-2.2.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCzL11mqjQ0CJFipgRAtoAAKCS2oY1mYi5BSi6I9jAq16vIh6+1QCgo7Ti
IiNyNXQCSbIG9OaFnpLqZt8=
=0lQA
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists