Advisories

Mandriva Advisories

Package name	zlib
Date	July 6th, 2005
Advisory ID	MDKSA-2005:112
Affected versions	10.0, 10.1, CS3.0, MNF2.0, 10.2
Synopsis	Updated zlib packages fix vulnerability

Problem Description

Tavis Ormandy of the Gentoo Security Project discovered a vulnerability
in zlib where a certain data stream would cause zlib to corrupt a data
structure, resulting in the linked application to dump core.

The updated packages have been patched to correct this problem.

Updated Packages

Mandrakelinux 10.0

 45457a67f143e009c4c2e737f72a72cd  10.0/RPMS/zlib1-1.2.1-2.2.100mdk.i586.rpm
fb9cb92b1149a7210c02480adf847268  10.0/RPMS/zlib1-devel-1.2.1-2.2.100mdk.i586.rpm
b2eb2e14dda3854176c63e172be0e1dc  10.0/SRPMS/zlib-1.2.1-2.2.100mdk.src.rpm

Mandrakelinux 10.0/AMD64

 5c26bbcefa548fb0e0455c49d8cab450  amd64/10.0/RPMS/zlib1-1.2.1-2.2.100mdk.amd64.rpm
058815a877ca4bda488042afc0a17fac  amd64/10.0/RPMS/zlib1-devel-1.2.1-2.2.100mdk.amd64.rpm
b2eb2e14dda3854176c63e172be0e1dc  amd64/10.0/SRPMS/zlib-1.2.1-2.2.100mdk.src.rpm

Mandrakelinux 10.1

 bf14e4c8290d9034414e26a7d064e409  10.1/RPMS/zlib1-1.2.1.1-3.1.101mdk.i586.rpm
0b40ecfd8214b1b73910576f48d774d7  10.1/RPMS/zlib1-devel-1.2.1.1-3.1.101mdk.i586.rpm
bc5f28d5cf15cae679899b9b21ec415c  10.1/SRPMS/zlib-1.2.1.1-3.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64

 92562565afb652388ba804f62417978e  x86_64/10.1/RPMS/zlib1-1.2.1.1-3.1.101mdk.x86_64.rpm
db4015970358e24dca4e876d324b3426  x86_64/10.1/RPMS/zlib1-devel-1.2.1.1-3.1.101mdk.x86_64.rpm
bc5f28d5cf15cae679899b9b21ec415c  x86_64/10.1/SRPMS/zlib-1.2.1.1-3.1.101mdk.src.rpm

Corporate Server 3.0

 51822c133a9f4648e80ca563dc67e0e8  corporate/3.0/RPMS/zlib1-1.2.1-2.2.C30mdk.i586.rpm
a0d93b089e10b7c77b94fafe5f7dcfbd  corporate/3.0/RPMS/zlib1-devel-1.2.1-2.2.C30mdk.i586.rpm
d6b8d7110c7c3f9887951ff95dc6a473  corporate/3.0/SRPMS/zlib-1.2.1-2.2.C30mdk.src.rpm

Corporate Server 3.0/X86_64

 2277267171a472b87f509f4df73ef43c  x86_64/corporate/3.0/RPMS/zlib1-1.2.1-2.2.C30mdk.x86_64.rpm
523c5ab3f3b6fbbe62a00bb5a99ff1db  x86_64/corporate/3.0/RPMS/zlib1-devel-1.2.1-2.2.C30mdk.x86_64.rpm
d6b8d7110c7c3f9887951ff95dc6a473  x86_64/corporate/3.0/SRPMS/zlib-1.2.1-2.2.C30mdk.src.rpm

Multi Network Firewall 2.0

 f236a1f818d49d21d73f4912c9603a56  mnf/2.0/RPMS/zlib1-1.2.1-2.2.M20mdk.i586.rpm
0ca585b4deb54d408ec96cd25eec8247  mnf/2.0/SRPMS/zlib-1.2.1-2.2.M20mdk.src.rpm

Mandriva Linux LE2005

 4044d77bc298ed7b5368a275fb033601  10.2/RPMS/zlib1-1.2.2.2-2.1.102mdk.i586.rpm
bddf58d123f1b91640cafa687b814cd2  10.2/RPMS/zlib1-devel-1.2.2.2-2.1.102mdk.i586.rpm
ec8ec911005302a927861e61e075164d  10.2/SRPMS/zlib-1.2.2.2-2.1.102mdk.src.rpm

Mandriva Linux LE2005/X86_64

 7ccc1e7502a8223c09dcf04fef816f6a  x86_64/10.2/RPMS/zlib1-1.2.2.2-2.1.102mdk.x86_64.rpm
0af31a45633b5c9d9e6535949c43d6ad  x86_64/10.2/RPMS/zlib1-devel-1.2.2.2-2.1.102mdk.x86_64.rpm
ec8ec911005302a927861e61e075164d  x86_64/10.2/SRPMS/zlib-1.2.2.2-2.1.102mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096

Upgrade

To upgrade automatically, use MandrivaUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

URL:

https://mandriva.com/security/advisories

Short link:

https://mandriva.com/content/view/full/1075

Intersites Menu

Mandriva

Tools

Top menu

Advisories

Footer