5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
May 19, 2005 Dmitry V. Levin 1.3.5-alt1
- Updated to 1.3.5.
- Reviewed and reworked patches.
- Added zegrep(1) and zfgrep(1) manpage links.
- Changed zgrep and zdiff to handle also functionality of
bz*grep, bzcmp and bzdiff utilities.
- Changed znew utility to avoid dependence on compress utility.
- Relocated zme utility from bzip2-utils to gzip-utils.
- Relocated zmore utility to less package.
- Fixed chmod/chown race condition in file permission handling
code (CAN-2005-0988).
- Changed gunzip to ignore path in original file name stored
in gzip archive when uncompressing with -N; this measure
prohibits uncontrolled files creation in arbitrary filesystem
locations. (CAN-2005-1228).
- Fixed zgrep to properly sanitize arguments, to avoid arbitrary
commands execution via filenames injection into a sed script
(CAN-2005-0758).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ALT Linux | 5 | src | gzip-1.3.5-alt6.src.rpm | < 1.3.5-alt1 | gzip-1.3.5-alt6.src.rpm |
ALT Linux | 5 | x86_64 | gzip-1.3.5-alt6.x86_64.rpm | < 1.3.5-alt1 | gzip-1.3.5-alt6.x86_64.rpm |
ALT Linux | 5 | x86_64 | gzip-utils-1.3.5-alt6.x86_64.rpm | < 1.3.5-alt1 | gzip-utils-1.3.5-alt6.x86_64.rpm |
ALT Linux | 5 | i586 | gzip-1.3.5-alt6.i586.rpm | < 1.3.5-alt1 | gzip-1.3.5-alt6.i586.rpm |
ALT Linux | 5 | i586 | gzip-utils-1.3.5-alt6.i586.rpm | < 1.3.5-alt1 | gzip-utils-1.3.5-alt6.i586.rpm |