
Double Free Bug in zlib Compression Library Corrupts malloc's Internal Data Structures

2002-03-11 00:00:00
www.kb.cert.org

CVSS3: 9.8 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2: 7.5 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS: 0.473 Medium (Percentile: 97.4%)

Overview

There is a bug in the zlib compression library that may manifest itself as a vulnerability in programs that are linked with zlib. This may allow an attacker to conduct a denial-of-service attack, gather information, or execute arbitrary code.

It is important to note that the CERT/CC has not received any reports of exploitation of this bug. Based on the information available to us at this time, it is difficult to determine whether this bug can be successfully exploited. However, given the widespread deployment of zlib, we have published this document as a proactive measure.

Description

There is a bug in the decompression algorithm used by the popular zlib compression library. If an attacker is able to pass a specially-crafted block of invalid compressed data to a program that includes zlib, the program’s attempt to decompress the crafted data can cause the zlib routines to corrupt the internal data structures maintained by malloc.

The bug results from a programming error that causes segments of dynamically allocated memory to be released more than once (i.e., “double-freed”). Specifically, when inftrees.c:huft_build() encounters the crafted data, it returns an unexpected Z_MEM_ERROR to inftrees.c:inflate_trees_dynamic(). When a subsequent call is made to infblock.c:inflate_blocks(), the inflate_blocks function tries to free an internal data structure a second time.

Because this bug interferes with the proper allocation and deallocation of dynamic memory, it may be possible for an attacker to influence the operation of programs that include zlib. In most circumstances, this influence will be limited to denial of service or information leakage, but it is theoretically possible for an attacker to insert arbitrary code into a running program. This code would be executed with the permissions of the vulnerable program.
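As an added illustration (this is not zlib's code and not the CERT/CC's), the C program below models the error path just described in miniature: a tree builder that releases its table and reports Z_MEM_ERROR, a cleanup routine that then releases the state's table a second time, and the fix of clearing the pointer once ownership has been given up. It also includes a minimal checking free() that refuses a second release of the same block, which is the behaviour several vendors below (FreeBSD, NetBSD, OpenBSD, Juniper) attribute to their malloc implementations. All function, type and variable names are invented for the example; only the Z_MEM_ERROR value is taken from zlib.h.

```c
#include <stdio.h>
#include <stdlib.h>

/* Added illustration, not zlib's code: a miniature analogue of the error
 * path the note describes (a tree builder fails with Z_MEM_ERROR after
 * releasing memory, and the caller's cleanup releases it again), plus a
 * tiny checking free() of the kind several vendors below rely on.
 * All names (table_build_*, inflate_cleanup, tracked_*) are invented here. */

#define Z_OK        0
#define Z_MEM_ERROR (-4)   /* same value as zlib's Z_MEM_ERROR */
#define MAX_LIVE    16

/* Ledger of outstanding allocations. Releasing a pointer that is not
 * outstanding is a double free: it is counted and refused instead of
 * being handed to free(), where it would corrupt malloc's metadata. */
static void *live[MAX_LIVE];
static int   double_frees;

static void *tracked_alloc(size_t n)
{
    void *p = malloc(n);
    if (p == NULL) return NULL;
    for (int i = 0; i < MAX_LIVE; i++)
        if (live[i] == NULL) { live[i] = p; return p; }
    free(p);                   /* ledger full: treat as allocation failure */
    return NULL;
}

static int tracked_free(void *p)
{
    if (p == NULL) return 0;   /* free(NULL) is a no-op, as in C */
    for (int i = 0; i < MAX_LIVE; i++)
        if (live[i] == p) { live[i] = NULL; free(p); return 0; }
    double_frees++;            /* second release of the same block */
    return -1;
}

struct inflate_state { unsigned int *table; };

/* Buggy builder: on "crafted" input it frees the table it just built and
 * reports Z_MEM_ERROR, but leaves s->table pointing at the freed block. */
static int table_build_buggy(struct inflate_state *s, int crafted)
{
    s->table = tracked_alloc(64 * sizeof *s->table);
    if (s->table == NULL) return Z_MEM_ERROR;
    if (crafted) {
        tracked_free(s->table);   /* ownership released here ...          */
        return Z_MEM_ERROR;       /* ... but the pointer is left dangling */
    }
    return Z_OK;
}

/* Fixed builder: after releasing the table it clears the pointer, so the
 * state no longer claims ownership and the later cleanup frees nothing. */
static int table_build_fixed(struct inflate_state *s, int crafted)
{
    s->table = tracked_alloc(64 * sizeof *s->table);
    if (s->table == NULL) return Z_MEM_ERROR;
    if (crafted) {
        tracked_free(s->table);
        s->table = NULL;
        return Z_MEM_ERROR;
    }
    return Z_OK;
}

/* Caller's cleanup, run on every exit path: frees whatever the state owns. */
static void inflate_cleanup(struct inflate_state *s)
{
    tracked_free(s->table);
    s->table = NULL;
}

/* Drive one decompression attempt and report how many double frees the
 * checking free() caught (0 means malloc's metadata would have stayed intact). */
static int run(int (*build)(struct inflate_state *, int), int crafted)
{
    struct inflate_state s = { NULL };
    double_frees = 0;
    (void)build(&s, crafted);   /* Z_MEM_ERROR on crafted input; cleanup runs regardless */
    inflate_cleanup(&s);
    return double_frees;
}

int double_frees_buggy(int crafted) { return run(table_build_buggy, crafted); }
int double_frees_fixed(int crafted) { return run(table_build_fixed, crafted); }

int main(void)
{
    printf("buggy builder, valid input:   %d double free(s)\n", double_frees_buggy(0));
    printf("buggy builder, crafted input: %d double free(s)\n", double_frees_buggy(1));
    printf("fixed builder, crafted input: %d double free(s)\n", double_frees_fixed(1));
    return 0;
}
```

The point of the ledger is the same one the FreeBSD and OpenBSD statements make: an allocator that records what is outstanding can refuse the second free and turn a silent metadata corruption into a reported error, but that protection depends entirely on the allocator the program happens to be linked against, so the durable fix is the one in the "fixed" builder, where the owner of a pointer clears it at the moment it releases the memory.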


Impact

This bug may introduce vulnerabilities into any program that includes the affected library. Depending upon how and where the zlib routines are called from the given program, the resulting vulnerability may have one or more of the following impacts: denial of service, information leakage, or execution of arbitrary code.


Solution

Upgrade your version of zlib

The maintainers of zlib have released version 1.1.4 to address this vulnerability. Any software that is linked to or derived from an earlier version of zlib should be upgraded immediately. The latest version of zlib is available at http://www.zlib.org.

These are the MD5 checksums for zlib version 1.1.4:

abc405d0bdd3ee22782d7aa20e440f08  zlib-1.1.4.tar.gz
9bf1d36ced334b0cf1f996f5c8171018  zlib114.zip

The maintainers of zlib have published an advisory regarding this issue; for further information, please see

http://www.gzip.org/zlib/advisory-2002-03-11.txt

Apply a patch from your vendor

The zlib compression library is freely available and used by many vendors in a wide variety of applications. Any one of these applications may contain vulnerabilities that are introduced by this bug. For the most recent information available to the CERT/CC, please see the vendor section of this document.


Vendor Information


Cisco Systems Inc. (Affected)

Notified: March 11, 2002 Updated: April 03, 2002

Status

Affected

Vendor Statement

Cisco Systems is addressing the vulnerability identified by VU#368819 across all affected products. Cisco has released an advisory:

http://www.cisco.com/warp/public/707/zlib-double-free.shtml

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Compaq Computer Corporation (Affected)

Notified: February 23, 2002 Updated: October 17, 2002

Status

Affected

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SECURITY BULLETIN
REVISION: 1
SSRT0818U HP Tru64 UNIX V5.1A zlib Potential Security Vulnerability
NOTICE: There are no restrictions for distribution of this Bulletin provided that it remains complete and intact.
RELEASE DATE: October 2002
SEVERITY: High
SOURCE: Compaq Computer Corporation, a wholly-owned subsidiary of Hewlett-Packard Company and Hewlett-Packard Company HP Services Software Security Response Team
REFERENCE: CERT CA-2002-07
PROBLEM SUMMARY

This bulletin will be posted to the support website within 24 hours of release to <http://thenew.hp.com/country/us/eng/support.html>. Use the SEARCH IN feature box, enter SSRT0818U in the search window.

SSRT0818U zlib (Severity - High)
A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability.

VERSIONS IMPACTED:
HP Tru64 UNIX 5.1A only

NOT IMPACTED:
HP-UX
HP Tru64 UNIX V5.1, V5.0A, V4.0G, V4.0F
HP NonStop Servers
HP OpenVMS

RESOLUTION

The HP Tru64 UNIX fix is available in the mainstream release patch kit for HP Tru64 UNIX V5.1A PK3 (BL3).
HP Tru64 UNIX 5.1A
Kit Name: t64v51ab03as0003-20020827.tar
Kit Location: <ftp://ftp1.support.compaq.com/public/unix/v5.1a/>
Information on how to verify MD5 and SHA1 checksums is available at: <http://www.support.compaq.com/patches/whats-new.shtml>

After completing the update, HP and Compaq strongly recommend that you perform an immediate backup of the system disk so that any subsequent restore operations begin with updated software. Otherwise, the update must be re-applied after a future restore operation. Also, if at some future time the system is upgraded to a later patch release or version release, reinstall the appropriate ERP.

SUPPORT: For further information, contact HP Services.
SUBSCRIBE: To subscribe to automatically receive future Security Advisories from the Software Security Response Team via electronic mail: <http://www.support.compaq.com/patches/mailing-list.shtml>
REPORT: To report a potential security vulnerability with any HP or Compaq supported product, send email to: [email protected]

HP and Compaq appreciate your cooperation and patience. As always, HP and Compaq urge you to periodically review your system management and security procedures. HP and Compaq will continue to review and enhance the security features of its products and work with our customers to maintain and improve the security and integrity of their systems.
"HP and Compaq are broadly distributing this Security Bulletin in order to bring to the attention of users of the affected Compaq products the important security information contained in this Bulletin. HP and Compaq recommend that all users determine the applicability of this information to their individual situations and take appropriate action. Neither HP nor Compaq warrant that this information is necessarily accurate or complete for all user situations and, consequently, neither HP nor Compaq will be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin."

Copyright 2002 Hewlett-Packard Company. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4

iQA/AwUBPaycXDnTu2ckvbFuEQJiAwCg+IqvFGshPKuZFqsWcVPwtskYd1AAoIbx
jg2EImUdurxdVHqXHP45uTup
=IU0f
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.


Conectiva (Affected)

Notified: February 18, 2002 Updated: June 14, 2002

Status

Affected

Vendor Statement

Conectiva Linux supported versions (5.0, 5.1, 6.0, 7.0, ferramentas gráficas and ecommerce) are affected by the zlib vulnerability. Updates will be sent to our security mailing lists and be available at our ftp site and mirrors. The updates will include a new version of zlib itself and also other packages which include their own version of zlib or are linked statically to the system-wide copy of zlib.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Conectiva has released Conectiva Linux Security Announcements CLSA-2002:469, CLSA-2002:492, and CLSA-2002:493 to address this vulnerability. For more information, please see

http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000469
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000492
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000493


Debian (Affected)

Notified: February 23, 2002 Updated: March 18, 2002

Status

Affected

Vendor Statement

Users of Debian GNU/Linux 2.2 (potato) should upgrade to zlib version 1.1.3-5.1. More information is available at http://www.debian.org/security/2002/dsa-122. Note that a few packages which include private copies of zlib will also need to be upgraded; more information is available at the above link.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Debian has released Debian Security Advisory DSA-122-1 to address this issue; for more information, please see

http://www.debian.org/security/2002/dsa-122


FreeBSD (Affected)

Notified: February 23, 2002 Updated: April 23, 2002

Status

Affected

Vendor Statement

FreeBSD is not vulnerable, as the FreeBSD malloc implementation detects and complains about several programming errors including this kind of double free.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

FreeBSD has released FreeBSD Security Advisory FreeBSD-SA-02:18 to address this issue. For more information, please see

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:18.zlib.asc
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:18.zlib.v1.1.asc
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:18.zlib.v1.2.asc


Guardian Digital Inc. (Affected)

Notified: March 11, 2002 Updated: March 12, 2002

Status

Affected

Vendor Statement

EnGarde Secure Linux Community and Professional are both vulnerable to the zlib bugs. Guardian Digital addressed this vulnerability in ESA-20020311-008 which may be found at:

http://www.linuxsecurity.com/advisories/other_advisory-1960.html
EnGarde Secure Professional users may upgrade their systems using the Guardian Digital Secure Network.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.


Hewlett-Packard Company (Affected)

Notified: February 23, 2002 Updated: January 24, 2003

Status

Affected

Vendor Statement

Some HP-UX software (for example, X and lbxproxy) is linked with the 1.0.8 version of zlib. This version came before the introduction of the reported double free problem and is not vulnerable.

Other HP-UX software (for example, OpenSSH) is linked with the latest zlib (1.1.4) and is not vulnerable.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

HP has published multiple HP Security Bulletins to address this issue:

HPSBTL0204-037 Security vulnerability in audit subsystem
HPSBTL0204-036 Security vulnerabilities in the kernel
HPSBTL0204-030 Security vulnerability in zlib library
HPSBTL0203-029 Security vulnerability in openssh-clients
HPSBUX0211-0226 SSRT2146 Java Zlib compression libraries bug
For further information, please visit and search for the appropriate reference number. Please note that registration may be required to access these documents.


IBM (Affected)

Notified: February 23, 2002 Updated: June 25, 2002

Status

Affected

Vendor Statement

IBM’s AIX operating system, version 5.1, ships with open source-originated zlib that is used with the Red Hat Package Manager (rpm) to install applications that are included in the AIX-Linux Affinity Toolkit. zlib (libz.a) is a shared library in AIX. AIX 5.1 is presumed susceptible to the described vulnerability, though we have not demonstrated exploitability yet. AIX 4.3.x does not ship with zlib, but customers who install zlib and use it may be similarly vulnerable.

The updated zlib package can be downloaded by directing your browser to:

http://oss.software.ibm.com/developerworks/projects/aixtoolbox
The updated rpm package can be downloaded from:

ftp://ftp.software.ibm.com/aix/freeSoftware/aixtoolbox/INSTALLP/ppc/rpm.rte

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.


Juniper Networks (Affected)

Notified: March 11, 2002 Updated: March 29, 2002

Status

Affected

Vendor Statement

Juniper Networks has completed an initial assessment of this vulnerability, and we believe that our implementation is not susceptible. Test programs show that our memory allocation algorithm correctly detects and warns about any attempt to exploit the vulnerability described in the CERT/CC advisory.

We continue to evaluate the risks associated with this vulnerability. If we determine that the JUNOS software is susceptible, we will quickly issue any patches or software updates required to maintain the security of Juniper Networks routers.

Future JUNOS software releases will include a corrected version of the libz code.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.


MandrakeSoft (Affected)

Notified: February 23, 2002 Updated: July 05, 2002

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

MandrakeSoft has released several Mandrake Linux Security Update Advisories that address this issue. For more information, please see

http://www.mandrakesecure.net/en/advisories/2002/MDKSA-2002-022.php
http://www.mandrakesecure.net/en/advisories/2002/MDKSA-2002-023.php
http://www.mandrakesecure.net/en/advisories/2002/MDKSA-2002-023-1.php
http://www.mandrakesecure.net/en/advisories/2002/MDKSA-2002-024.php
http://www.mandrakesecure.net/en/advisories/2002/MDKSA-2002-041.php


NetBSD (Affected)

Notified: February 23, 2002 Updated: March 22, 2002

Status

Affected

Vendor Statement

NetBSD’s malloc libraries are not vulnerable to double-free() attacks. The updated zlib will be included in future releases, but a Security Advisory will not be issued.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.


Novell (Affected)

Notified: April 12, 2002 Updated: April 14, 2002

Status

Affected

Vendor Statement

Novell is working on a fix for Novell JVM for NetWare 1.3.1. We will post the fix in the May NDK. Version 1.4 will also have the fix in it. We will also update this statement with the URL to download the fix.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.


OpenBSD (Affected)

Notified: February 23, 2002 Updated: March 22, 2002

Status

Affected

Vendor Statement

OpenBSD is not vulnerable as OpenBSD’s malloc implementation detects double freeing of memory. The zlib shipped with OpenBSD has been fixed in OpenBSD-current in January 2002.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.


OpenSSH (Affected)

Notified: February 23, 2002 Updated: June 24, 2002

Status

Affected

Vendor Statement

OpenSSH itself relies on zlib as a third party library. OpenSSH’s internal malloc state might get corrupted if the double-free bug is present in zlib. At this moment, it is not known if this bug will allow an intruder to gain privileges.

For some malloc implementations it is possible to detect and ignore the double-free. However, that is entirely dependent on the malloc implementation. Currently, it seems that *BSD operating systems might not be affected by this problem.

We advise everybody to upgrade their third party libraries and recompile OpenSSH if necessary. Turning off compression in the server is possible only by removing zlib from myproposal.h and subsequent recompilation.
`Index: myproposal.h

RCS file: /cvs/src/usr.bin/ssh/myproposal.h,v
retrieving revision 1.13
diff -u -r1.13 myproposal.h
— myproposal.h 21 Jan 2002 22:30:12 -0000 1.13
+++ myproposal.h 12 Mar 2002 17:36:11 -0000
@@ -32,7 +32,7 @@
“hmac-md5,hmac-sha1,hmac-ripemd160,” \
[email protected],” \
“hmac-sha1-96,hmac-md5-96”
-#define KEX_DEFAULT_COMP “none,zlib”
!)+#define KEX_DEFAULT_COMP “none”
#define KEX_DEFAULT_LANG `
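Review bot: as pasted, this diff will not apply with patch(1): the `---` file header has been rendered as an em dash (`— myproposal.h 21 Jan 2002 22:30:12 -0000 1.13`), the added line carries stray characters ahead of its `+` (`!)+#define KEX_DEFAULT_COMP “none”`), and the string literals on every line use typographic quotes rather than the plain `"` a C compiler accepts, so anyone reproducing the change should retype it against a clean checkout of revision 1.13. The change itself only replaces the compile-time default `"none,zlib"` with `"none"` in the KEX proposal, which is why the statement requires a recompilation; nothing in the hunk provides a run-time way to disable compression.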

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.


Openwall GNU/*/Linux (Affected)

Notified: February 14, 2002 Updated: March 12, 2002

Status

Affected

Vendor Statement

All versions of Openwall GNU/*/Linux (Owl) prior to the 2002/02/15 Owl-current snapshot are affected by the zlib double-free vulnerability. Owl-current after 2002/02/15 includes the proper fixes in its userland packages. In order to not place the users of other vendors’ products at additional risk, we have agreed to delay documenting this as a security change and including the fixes in Owl 0.1-stable until there’s a coordinated public announcement. While we don’t normally support this kind of a policy (releasing a fix before there’s an announcement), this time handling the vulnerability in this way was consistent with the state of things by the time the (already publicly known) bug was first realized to be a security vulnerability.

The zlib bug could affect the following Owl packages: gnupg, openssh, rpm, texinfo (not necessarily in a security sense). Of these, the OpenSSH could potentially allow for an active remote attack resulting in a root compromise. If only SSH protocol version 1 is allowed in the OpenSSH server this is reduced to a local attack, but reverse remote attack possibilities by a malicious server remain. Additionally, any third-party software that makes use of the provided zlib library could be affected.

Parts of the Linux 2.2 kernel included in Owl were also affected by the vulnerability. Fortunately, those parts (Deflate compression support for PPP and the experimental Deflate compression extension to IrDA) are normally not used by the Owl userland. The bug has been corrected starting with Linux 2.2.20-ow2 which has been made public and a part of both Owl-current and Owl 0.1-stable on 2002/03/03. This change, however, will only be documented in the publicly-available change logs on the coordinated public announcement date.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.


Red Hat Inc. (Affected)

Notified: February 07, 2002 Updated: March 14, 2002

Status

Affected

Vendor Statement

Red Hat Linux ships with a zlib library that is vulnerable to this issue. Although most packages in Red Hat Linux use the shared zlib library we have identified a number of packages that either statically link to zlib or contain an internal version of the zlib code.

Updates to zlib and these packages as well as our advisory note are available from the following URL. Users of the Red Hat Network can use the up2date tool to automatically upgrade their systems.

http://www.redhat.com/support/errata/RHSA-2002-026.html
Red Hat would like to thank CERT/CC for their help in coordinating this issue with other vendors.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Red Hat has published information regarding this vulnerability at the following locations:

http://www.redhat.com/support/errata/RHSA-2002-026.html
http://www.redhat.com/support/errata/RHSA-2002-027.html


SGI (Affected)

Notified: February 23, 2002 Updated: April 17, 2003

Status

Affected

Vendor Statement

-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________
SGI Security Advisory

Title: X Windows zlib/MIT-SHM/huge font DoS vulnerabilities
Number: 20021001-01-P
Date: October 15, 2002
References: CVE CAN-2002-164
References: CVE CVE-2002-0059
References: CERT CA-2002-07
______________________________________________________________________________

- -----------------------
- --- Issue Specifics ---
- -----------------------

This bulletin covers several graphics-related security issues:

o It's been reported that the zlib libraries that ship with x_eoe have a "double free" vulnerability.

See: <http://www.kb.cert.org/vuls/id/368819>

o It's been reported that the IRIX X server has security vulnerabilities.

1) Under certain conditions, Mozilla can cause the X server to crash.

See: <http://web.lemuria.org/security/mozilla-dos.html> for details.

2) There is a vulnerability in the MIT-SHM code that can allow a local user to read or write to any SHM segment.

See: <http://www.linuxsecurity.com/advisories/caldera_advisory-2006.html>

SGI has investigated the issue and recommends the following steps for neutralizing the exposure. It is HIGHLY RECOMMENDED that these measures be implemented on ALL vulnerable SGI systems.

These issues have been corrected in future releases of IRIX and with patches.

- --------------
- --- Impact ---
- --------------

The X server (/usr/bin/X11/Xsgi) is installed by default on IRIX 6.5 systems as part of x_eoe.sw.Server.

To determine the version of IRIX you are running, execute the following command:

# uname -R

That will return a result similar to the following:

# 6.5 6.5.16f

The first number ("6.5") is the release name, the second ("6.5.15f" in this case) is the extended release name. The extended release name is the "version" we refer to throughout this document.

Exploitation of these vulnerabilities can result in a root compromise or a Denial of Service attack. A local account is required to exploit these vulnerabilities.

- ----------------------------
- --- Temporary Workaround ---
- ----------------------------

There is no good workaround available for these problems if running in graphical mode is desired. SGI recommends either upgrading to IRIX 6.5.18 when it is released, or installing the appropriate patch from the listing below.

If running in graphical mode is not needed, you can execute the command "/usr/gfx/stopgfx" and it will turn the windowsystem configuration flag off, kill the X server, and keep it from being restarted on next boot.

- ----------------
- --- Solution ---
- ----------------

SGI has provided a series of patches for these vulnerabilities. Our recommendation is to upgrade to IRIX 6.5.18 when available, or install the appropriate patch.

| OS Version   | Vulnerable? | Patch # | Other Actions |
|--------------|-------------|---------|---------------|
| IRIX 3.x     | unknown     |         | Note 1        |
| IRIX 4.x     | unknown     |         | Note 1        |
| IRIX 5.x     | unknown     |         | Note 1        |
| IRIX 6.0.x   | unknown     |         | Note 1        |
| IRIX 6.1     | unknown     |         | Note 1        |
| IRIX 6.2     | unknown     |         | Note 1        |
| IRIX 6.3     | unknown     |         | Note 1        |
| IRIX 6.4     | unknown     |         | Note 1        |
| IRIX 6.5     | yes         |         | Notes 2 & 3   |
| IRIX 6.5.1   | yes         |         | Notes 2 & 3   |
| IRIX 6.5.2   | yes         |         | Notes 2 & 3   |
| IRIX 6.5.3   | yes         |         | Notes 2 & 3   |
| IRIX 6.5.4   | yes         |         | Notes 2 & 3   |
| IRIX 6.5.5   | yes         |         | Notes 2 & 3   |
| IRIX 6.5.6   | yes         |         | Notes 2 & 3   |
| IRIX 6.5.7   | yes         |         | Notes 2 & 3   |
| IRIX 6.5.8   | yes         |         | Notes 2 & 3   |
| IRIX 6.5.9   | yes         |         | Notes 2 & 3   |
| IRIX 6.5.10  | yes         |         | Notes 2 & 3   |
| IRIX 6.5.11  | yes         |         | Notes 2 & 3   |
| IRIX 6.5.12  | yes         |         | Notes 2 & 3   |
| IRIX 6.5.13m | yes         | 4709    |               |
| IRIX 6.5.13f | yes         | 4710    |               |
| IRIX 6.5.14m | yes         | 4648    |               |
| IRIX 6.5.14f | yes         | 4649    |               |
| IRIX 6.5.15m | yes         | 4648    |               |
| IRIX 6.5.15f | yes         | 4649    |               |
| IRIX 6.5.16m | yes         | 4663    |               |
| IRIX 6.5.16f | yes         | 4664    |               |
| IRIX 6.5.17m | yes         | 4757    |               |
| IRIX 6.5.17f | yes         | 4758    |               |

NOTES

1) This version of the IRIX operating system has been retired. Upgrade to an actively supported IRIX operating system. See <http://support.sgi.com/irix/news/index.html#policy> for more information.

2) If you have not received an IRIX 6.5.X CD for IRIX 6.5, contact your SGI Support Provider or URL: <http://support.sgi.com/irix/swupdates/>

3) Upgrade to IRIX 6.5.18.

##### Patch File Checksums ####

The actual patch will be a tar file containing the following files:

| Filename | Algorithm #1 (sum -r) | Algorithm #2 (sum) | MD5 checksum |
|----------|-----------------------|--------------------|--------------|
| README.patch.4648 | 19648 15 | 13125 15 | 763290A0BE49E2567CCF38B549B44A12 |
| patch4648.chksums.only | 63642 4 | 3489 4 | 57F22AC9C442B369CA97B5FE40B1FFD3 |
| patch4648.pgp.and.chksums | 19096 14 | 35174 14 | C1850DF90F1B478954029EB25B56A797 |
| patchSG0004648 | 28932 12 | 14723 12 | 3BB3B908AC0F03B03E18B997BA141D87 |
| patchSG0004648.dev_sw | 16294 4954 | 55525 4954 | C14692DA3EB8C12BA8BD3E0348FFA293 |
| patchSG0004648.dmedia_dev_sw | 54547 1427 | 12560 1427 | 6EC5EA9017F67D10FC235F4B4715D60A |
| patchSG0004648.dmedia_eoe_sw | 14809 1058 | 17027 1058 | 75C87688D66029FD8A577494ED78E6CA |
| patchSG0004648.idb | 45557 10 | 57173 10 | 3C3BC01AEB6866C663EED9639D8198E0 |
| patchSG0004648.x_dev_sw | 51347 2830 | 55679 2830 | D3690E5AC5CB9D5E0807660A1EF55C2B |
| patchSG0004648.x_dev_sw64 | 23224 1766 | 2654 1766 | 8E19C61F4CD34B6930490C6724E592E3 |
| patchSG0004648.x_eoe_sw | 31097 19287 | 47280 19287 | D4B3827EBBDC14A320E12818EC409EB3 |
| patchSG0004648.x_eoe_sw64 | 05516 3872 | 41234 3872 | EDFE10A12E6AFC0D0846DA9B5BFF1FB0 |
| README.patch.4649 | 07444 15 | 13141 15 | C5538980016C96C3D1E60F1F86298AAE |
| patchSG0004649 | 47428 12 | 14587 12 | 4C416CCBF8169CCD41183AA952BF68E5 |
| patchSG0004649.dev_sw | 44079 4956 | 10141 4956 | AFA1E08A8C3C5A251F9097CE11248E3B |
| patchSG0004649.dmedia_dev_sw | 11964 1428 | 38664 1428 | EF0DAF20D2294F9C35E4D01FA7769D0E |
| patchSG0004649.dmedia_eoe_sw | 39189 1058 | 14792 1058 | 6E83F4B6D9B59FD50197B789ED79D52B |
| patchSG0004649.idb | 37792 10 | 51498 10 | F9182410F6DA9FF347D3DAA4D6372F8A |
| patchSG0004649.x_dev_sw | 57772 2831 | 3606 2831 | 2B8752ABCCB9D4178CD7EA5595ED4B27 |
| patchSG0004649.x_dev_sw64 | 09443 1767 | 12618 1767 | 519B9D3CF7C561C33E66E58C04E355F8 |
| patchSG0004649.x_eoe_sw | 45988 19291 | 55233 19291 | C47659D9AFA1B1D8A980AEBF3369FC7D |
| patchSG0004649.x_eoe_sw64 | 63429 3914 | 42601 3914 | 7FEB20B624CDF12994963466B8339E0F |
| README.patch.4663 | 20333 12 | 7518 12 | D015F7A81554A08D88B75A190BA5EF23 |
| patchSG0004663 | 26976 8 | 51679 8 | 3127F7F8CD6D3859C329478F29989509 |
| patchSG0004663.dev_sw | 50053 4944 | 1123 4944 | 612336109805B45764EB5EA9F997C27E |
| patchSG0004663.dmedia_eoe_sw | 09775 2052 | 15288 2052 | 7B78D73D67C80D9F37FE132134E55AE2 |
| patchSG0004663.idb | 06345 9 | 20713 9 | C9A228449A0D5A8F78B3D3DE31FDC789 |
| patchSG0004663.x_dev_sw | 29626 2912 | 22721 2912 | 1AD91E3743B44EB9D239A7FF8B3DCCBE |
| patchSG0004663.x_dev_sw64 | 50100 1768 | 37585 1768 | F01B4440B72B7C355F0083BCBD02AB62 |
| patchSG0004663.x_eoe_sw | 39553 17149 | 7971 17149 | F8677AF45C45F8BCC628A9B4B72E1C36 |

Filename: patchSG0004663.x_eoe_sw64 Algorithm #1 (sum -r): 28690 3895 patchSG0004663.x_eoe_sw64 Algorithm #2 (sum): 43249 3895 patchSG0004663.x_eoe_sw64 MD5 checksum: E9D8885D8D0EABD464D622A6B8C20A0B

Filename: README.patch.4664 Algorithm #1 (sum -r): 52142 12 README.patch.4664 Algorithm #2 (sum): 7572 12 README.patch.4664 MD5 checksum: 5D4E5F9F443D4BFAA5B16B87EE04FF82

Filename: patchSG0004664 Algorithm #1 (sum -r): 16851 8 patchSG0004664 Algorithm #2 (sum): 58003 8 patchSG0004664 MD5 checksum: F1FDDAED26791293E2C40CA11309EE73

Filename: patchSG0004664.dev_sw Algorithm #1 (sum -r): 06665 4969 patchSG0004664.dev_sw Algorithm #2 (sum): 61714 4969 patchSG0004664.dev_sw MD5 checksum: C3C1B3F7027E8CFA2007C270BDBB98C9

Filename: patchSG0004664.dmedia_eoe_sw Algorithm #1 (sum -r): 37664 2052 patchSG0004664.dmedia_eoe_sw Algorithm #2 (sum): 46869 2052 patchSG0004664.dmedia_eoe_sw MD5 checksum: 23562ECDE183910E728C5D082B280352

Filename: patchSG0004664.idb Algorithm #1 (sum -r): 17964 9 patchSG0004664.idb Algorithm #2 (sum): 20986 9 patchSG0004664.idb MD5 checksum: 64ECD84929751DD84934FD0B92A92AA7

Filename: patchSG0004664.x_dev_sw Algorithm #1 (sum -r): 17678 2912 patchSG0004664.x_dev_sw Algorithm #2 (sum): 37775 2912 patchSG0004664.x_dev_sw MD5 checksum: 547263071E4481C4FE7C72B5CB988837

Filename: patchSG0004664.x_dev_sw64 Algorithm #1 (sum -r): 51740 1771 patchSG0004664.x_dev_sw64 Algorithm #2 (sum): 30768 1771 patchSG0004664.x_dev_sw64 MD5 checksum: D4078363D7F450D5907B98D61F12C4A5

Filename: patchSG0004664.x_eoe_sw Algorithm #1 (sum -r): 56676 17144 patchSG0004664.x_eoe_sw Algorithm #2 (sum): 42847 17144 patchSG0004664.x_eoe_sw MD5 checksum: A8894B977CFEB0CEEE115CD252BB2D6D

Filename: patchSG0004664.x_eoe_sw64 Algorithm #1 (sum -r): 44535 3903 patchSG0004664.x_eoe_sw64 Algorithm #2 (sum): 13310 3903 patchSG0004664.x_eoe_sw64 MD5 checksum: E564EA0AFB18EF77A67BB1E90C67346C

Filename: README.patch.4709 Algorithm #1 (sum -r): 54795 10 README.patch.4709 Algorithm #2 (sum): 5764 10 README.patch.4709 MD5 checksum: 02B6646BEAD5220EB028B8DDA890FC45

Filename: patchSG0004709 Algorithm #1 (sum -r): 19667 5 patchSG0004709 Algorithm #2 (sum): 13760 5 patchSG0004709 MD5 checksum: 8779F029143A7E7A0C2463D2817F75ED

Filename: patchSG0004709.dmedia_eoe_sw Algorithm #1 (sum -r): 55325 2024 patchSG0004709.dmedia_eoe_sw Algorithm #2 (sum): 54859 2024 patchSG0004709.dmedia_eoe_sw MD5 checksum: 4C3798409C8C8208CF4CBE0458C9BBC4

Filename: patchSG0004709.idb Algorithm #1 (sum -r): 13705 5 patchSG0004709.idb Algorithm #2 (sum): 59734 5 patchSG0004709.idb MD5 checksum: 82DE19E57E969FD31BDF129F4EC20208

Filename: patchSG0004709.x_dev_sw Algorithm #1 (sum -r): 40202 240 patchSG0004709.x_dev_sw Algorithm #2 (sum): 38774 240 patchSG0004709.x_dev_sw MD5 checksum: 9EF6548A89FFBF6E0C55DBAD86F90EF8

Filename: patchSG0004709.x_dev_sw64 Algorithm #1 (sum -r): 09364 151 patchSG0004709.x_dev_sw64 Algorithm #2 (sum): 24763 151 patchSG0004709.x_dev_sw64 MD5 checksum: F5123FBF8FB1E7D40C0AE76B32B30A35

Filename: patchSG0004709.x_eoe_sw Algorithm #1 (sum -r): 63497 11653 patchSG0004709.x_eoe_sw Algorithm #2 (sum): 55851 11653 patchSG0004709.x_eoe_sw MD5 checksum: C044A9D8826209D129CA408A2942EE9C

Filename: README.patch.4710 Algorithm #1 (sum -r): 33104 10 README.patch.4710 Algorithm #2 (sum): 5672 10 README.patch.4710 MD5 checksum: FF470C94A047A26BE948B1B6B395D0BA

Filename: patchSG0004710 Algorithm #1 (sum -r): 54983 5 patchSG0004710 Algorithm #2 (sum): 18095 5 patchSG0004710 MD5 checksum: 8BBA0355F5697B25AD14FC0F77F4DBB3

Filename: patchSG0004710.dmedia_eoe_sw Algorithm #1 (sum -r): 58724 2030 patchSG0004710.dmedia_eoe_sw Algorithm #2 (sum): 54553 2030 patchSG0004710.dmedia_eoe_sw MD5 checksum: 250A8F059CC1CBED9103B817CDA55DFB

Filename: patchSG0004710.idb Algorithm #1 (sum -r): 37173 5 patchSG0004710.idb Algorithm #2 (sum): 60119 5 patchSG0004710.idb MD5 checksum: AA92D95A35FD3E871BF66D29294186C2

Filename: patchSG0004710.x_dev_sw Algorithm #1 (sum -r): 43943 240 patchSG0004710.x_dev_sw Algorithm #2 (sum): 18781 240 patchSG0004710.x_dev_sw MD5 checksum: B2F06D058040310C5C67A254080F5734

Filename: patchSG0004710.x_dev_sw64 Algorithm #1 (sum -r): 34551 151 patchSG0004710.x_dev_sw64 Algorithm #2 (sum): 20425 151 patchSG0004710.x_dev_sw64 MD5 checksum: 2DBE25A690C2F18A5643DE82256C6841

Filename: patchSG0004710.x_eoe_sw Algorithm #1 (sum -r): 35591 11635 patchSG0004710.x_eoe_sw Algorithm #2 (sum): 55324 11635 patchSG0004710.x_eoe_sw MD5 checksum: 64183364C94F0D08BFD70960A7D7AE0D

Filename: README.patch.4757 Algorithm #1 (sum -r): 31919 9 README.patch.4757 Algorithm #2 (sum): 6853 9 README.patch.4757 MD5 checksum: 59C90A013D404F56C60BECF6E49F9532

Filename: patchSG0004757 Algorithm #1 (sum -r): 51651 2 patchSG0004757 Algorithm #2 (sum): 43183 2 patchSG0004757 MD5 checksum: F035444DC5A27037DBAB67138505A8AF

Filename: patchSG0004757.idb Algorithm #1 (sum -r): 38944 3 patchSG0004757.idb Algorithm #2 (sum): 51661 3 patchSG0004757.idb MD5 checksum: D8D62F8BBEC9B4660D1EA726B57F8AA9

Filename: patchSG0004757.x_eoe_sw Algorithm #1 (sum -r): 18457 11235 patchSG0004757.x_eoe_sw Algorithm #2 (sum): 12989 11235 patchSG0004757.x_eoe_sw MD5 checksum: 35BE4F4C9FE12BCB2489A56EC14EDD07

Filename: README.patch.4758 Algorithm #1 (sum -r): 07884 9 README.patch.4758 Algorithm #2 (sum): 6869 9 README.patch.4758 MD5 checksum: 8BADEE8856A97B2F67AB7CB8C6A74D4B

Filename: patchSG0004758 Algorithm #1 (sum -r): 15890 2 patchSG0004758 Algorithm #2 (sum): 40799 2 patchSG0004758 MD5 checksum: A362C93D014DFBE7E881038BA959BF04

Filename: patchSG0004758.idb Algorithm #1 (sum -r): 63456 3 patchSG0004758.idb Algorithm #2 (sum): 51709 3 patchSG0004758.idb MD5 checksum: 7DDE5D803277DCA82EFB33D63DFA5DB9

Filename: patchSG0004758.x_eoe_sw Algorithm #1 (sum -r): 33795 11219 patchSG0004758.x_eoe_sw Algorithm #2 (sum): 16001 11219 patchSG0004758.x_eoe_sw MD5 checksum: B3D9040A5B1FE3A546860AA8CB0B0F1B

- ------------------
- --- References ---
- ------------------

SGI Security Advisories can be found at: <http://www.sgi.com/support/security/> and <ftp://patches.sgi.com/support/free/security/advisories/>

SGI Security Patches can be found at: <http://www.sgi.com/support/security/> and <ftp://patches.sgi.com/support/free/security/patches/>

SGI patches for IRIX can be found at the following patch servers: <http://support.sgi.com/irix/> and <ftp://patches.sgi.com/>

SGI freeware updates for IRIX can be found at: <http://freeware.sgi.com/>

SGI fixes for SGI open sourced code can be found on: <http://oss.sgi.com/projects/>

SGI patches and RPMs for Linux can be found at: <http://support.sgi.com/linux/> or <http://oss.sgi.com/projects/sgilinux-combined/download/security-fixes/>

SGI patches for Windows NT or 2000 can be found at: <http://support.sgi.com/nt/>

IRIX 5.2-6.4 Recommended/Required Patch Sets can be found at: <http://support.sgi.com/irix/> and <ftp://patches.sgi.com/support/patchset/>

IRIX 6.5 Maintenance Release Streams can be found at: <http://support.sgi.com/colls/patches/tools/relstream/index.html>

IRIX 6.5 Software Update CDs can be obtained from: <http://support.sgi.com/irix/swupdates/>

The primary SGI anonymous FTP site for security advisories and patches is patches.sgi.com (216.32.174.211). Security advisories and patches are located under the URL <ftp://patches.sgi.com/support/free/security/>

For security and patch management reasons, ftp.sgi.com (mirrors patches.sgi.com security FTP repository) lags behind and does not do a real-time update.

- ------------------------
- --- Acknowledgments ---
- ------------------------

SGI wishes to thank FIRST and the users of the Internet Community at large for their assistance in this matter.

- -----------------------------------------
- --- SGI Security Information/Contacts ---
- -----------------------------------------

If there are questions about this document, email can be sent to [email protected].

------oOo------

SGI provides security information and patches for use by the entire SGI community. This information is freely available to any person needing the information and is available via anonymous FTP and the Web.

The primary SGI anonymous FTP site for security advisories and patches is patches.sgi.com (216.32.174.211). Security advisories and patches are located under the URL ``&lt;ftp://patches.sgi.com/support/free/security/&gt;

The SGI Security Headquarters Web page is accessible at the URL: ``&lt;http://www.sgi.com/support/security/&gt;

For issues with the patches on the FTP sites, email can be sent to [email protected].

For assistance obtaining or working with security patches, please contact your SGI support provider.

------oOo------

SGI provides a free security mailing list service called wiretap and encourages interested parties to self-subscribe to receive (via email) all SGI Security Advisories when they are released. Subscribing to the mailing list can be done via the Web (<http://www.sgi.com/support/security/wiretap.html>) or by sending email to SGI as outlined below.

  % mail [email protected]
  subscribe wiretap <YourEmailAddress>
  end
  ^d

In the example above, <YourEmailAddress> is the email address that you wish the mailing list information sent to. The word end must be on a separate line to indicate the end of the body of the message. The control-d (^d) is used to indicate to the mail program that you are finished composing the mail message.

------oOo------

SGI provides a comprehensive customer World Wide Web site. This site is located at <http://www.sgi.com/support/security/>.

------oOo------

If there are general security questions on SGI systems, email can be sent to [email protected].

For reporting *NEW* SGI security issues, email can be sent to [email protected] or contact your SGI support provider. A support contract is not required for submitting a security report.

______________________________________________________________________________ This information is provided freely to all interested parties and may be redistributed provided that it is not altered in any way, SGI is appropriately credited and the document retains and includes its valid PGP signature.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBPazMZ7Q4cFApAP75AQGwoAQAt5RnCzFpb+Q+NbFHaVqUqFIm6IdSPoBw
Kp+G4mH8CXkpE7jtEtaTtAA0Rcm+vdnW3FiL7VGzZzdjd49bklXCCwZiRsxHsHv3
vIBj5/O+qEFcYDOVWfWQaZA/G9RJKpfPh+4YGbt60C1gGfswlVopmxG0O9kCrJc8
280a+eCuSA0=
=v/zn
-----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________
                          SGI Security Advisory

        Title     : Java Security Fixes
        Number    : 20030303-01-I
        Date      : March 19, 2003
        Reference : CERT CA-2002-07
        Reference : CERT VU#368819
        Reference : CVE CAN-2002-0059
        Reference : SGI BUGS 875825 875826 874656 868744
        Fixed in  : Java2 v1.4.1 APIs.
______________________________________________________________________________
- -----------------------
- --- Issue Specifics ---
- -----------------------

It’s been reported that there are multiple vulnerabilities in Java:

  o A defect in the Java™ Virtual Machine may allow illegal
    access to protected fields or methods of an object:
    <http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50083>

  o The Java™ Secure Socket Extension (JSSE) may incorrectly validate
    the digital certificate of a web site:
    <http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F50081>

  o The Java Plug-in may incorrectly validate the digital certificates of
    signed JAR files:
    <http://online.securityfocus.com/archive/1/300767>
    <http://lsd-pl.net/java_security.html>

  o A defect in the Bytecode Verifier may allow new instances of objects
    to be created without calling the proper initialization method from
    within the constructor of the created class:
    <http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fsalert%2F49304>

  o CERT has reported a bug in the zlib compression library:
    <http://www.cert.org/advisories/CA-2002-07.html>
    <http://sunsolve.sun.com/pub-cgi/retrieve.pl?&doc=secbull/220>
    <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0059>

    SGI’s implementations of the Java™ Runtime Environment include zlib
    and are affected. This bug may allow malicious code to corrupt memory
    and possibly crash the Java Runtime Environment.

SGI has investigated the issues and recommends the following steps for
neutralizing the exposure. It is HIGHLY RECOMMENDED that these measures be
implemented on ALL vulnerable SGI systems.

These issues have been corrected in SGI’s release of the Java2 v1.4.1 APIs.

- --------------
- --- Impact ---
- --------------

Java is installed by default on IRIX 6.5 systems as part of java_eoe.

To determine the version of IRIX you are running, execute the following
command:

  # /bin/uname -R

That will return a result similar to the following:

  # 6.5 6.5.19f

The first number (“6.5”) is the release name, the second (“6.5.16f” in this
case) is the extended release name. The extended release name is the
“version” we refer to throughout this document.

- ----------------------------
- --- Temporary Workaround ---
- ----------------------------

There is no workaround for these issues. SGI recommends installing the new
Java API package noted below.

- ----------------
- --- Solution ---
- ----------------

SGI has provided a new version of Java (version 1.4.1) to address these
vulnerabilities. Our recommendation is to upgrade to this version of Java.

   OS Version     Vulnerable?     Patch #      Other Actions
   ----------     -----------     -------      -------------
   IRIX 3.x         unknown                    Note 1
   IRIX 4.x         unknown                    Note 1
   IRIX 5.x         unknown                    Note 1
   IRIX 6.0.x       unknown                    Note 1
   IRIX 6.1         unknown                    Note 1
   IRIX 6.2         unknown                    Note 1
   IRIX 6.3         unknown                    Note 1
   IRIX 6.4         unknown                    Note 1
   IRIX 6.5         yes                        Notes 2 & 3
   IRIX 6.5.1       yes                        Notes 2 & 3
   IRIX 6.5.2       yes                        Notes 2 & 3
   IRIX 6.5.3       yes                        Notes 2 & 3
   IRIX 6.5.4       yes                        Notes 2 & 3
   IRIX 6.5.5       yes                        Notes 2 & 3
   IRIX 6.5.6       yes                        Notes 2 & 3
   IRIX 6.5.7       yes                        Notes 2 & 3
   IRIX 6.5.8       yes                        Notes 2 & 3
   IRIX 6.5.9       yes                        Notes 2 & 3
   IRIX 6.5.10      yes                        Notes 2 & 3
   IRIX 6.5.11      yes                        Notes 2 & 3
   IRIX 6.5.12      yes                        Notes 2 & 3
   IRIX 6.5.13      yes                        Notes 2 & 3
   IRIX 6.5.14      yes                        Notes 2 & 3
   IRIX 6.5.15      yes                        Notes 2 & 3
   IRIX 6.5.16      yes                        Notes 2 & 3
   IRIX 6.5.17      yes                        Notes 2 & 3
   IRIX 6.5.18      yes                        Notes 2 & 3
   IRIX 6.5.19      yes                        Notes 2 & 3

   NOTES
     1) This version of the IRIX operating system has been retired. Upgrade to an
        actively supported IRIX operating system. See IRIX Support Policy on
        <http://support.sgi.com/> for more information.
     2) If you have not received an IRIX 6.5.X CD for IRIX 6.5, contact your
        SGI Support Provider or login to <http://support.sgi.com/>
     3) Both Java2 v1.4.1 and the plugin are now available from Silicon Surf’s
        “Download Cool Software” page <http://www.sgi.com/products/evaluation>

- ------------------------
- --- Acknowledgments ---
- ------------------------

SGI wishes to thank Sun Microsystems, Last Stage of Delirium, and the users
of the Internet Community at large for their assistance in this matter.

- -------------
- --- Links ---
- -------------

SGI Security Advisories can be found at:
<http://www.sgi.com/support/security/> and
<ftp://patches.sgi.com/support/free/security/advisories/>

SGI Security Patches can be found at:
<http://www.sgi.com/support/security/> and
<ftp://patches.sgi.com/support/free/security/patches/>

SGI patches for IRIX can be found at the following patch servers:
<http://support.sgi.com/irix/> and <ftp://patches.sgi.com/>

SGI freeware updates for IRIX can be found at:
<http://freeware.sgi.com/>

SGI fixes for SGI open sourced code can be found on:
<http://oss.sgi.com/projects/>

SGI patches and RPMs for Linux can be found at:
<http://support.sgi.com/linux/> or
<http://oss.sgi.com/projects/sgilinux-combined/download/security-fixes/>

SGI patches for Windows NT or 2000 can be found at:
<http://support.sgi.com/nt/>

IRIX 5.2-6.4 Recommended/Required Patch Sets can be found at:
<http://support.sgi.com/irix/> and <ftp://patches.sgi.com/support/patchset/>

IRIX 6.5 Maintenance Release Streams can be found at:
<http://support.sgi.com/colls/patches/tools/relstream/index.html>

IRIX 6.5 Software Update CDs can be obtained from:
<http://support.sgi.com/irix/swupdates/>

The primary SGI anonymous FTP site for security advisories and patches is
patches.sgi.com (216.32.174.211). Security advisories and patches are
located under the URL <ftp://patches.sgi.com/support/free/security/>

For security and patch management reasons, ftp.sgi.com (mirrors
patches.sgi.com security FTP repository) lags behind and does not do a
real-time update.

- -----------------------------------------
- --- SGI Security Information/Contacts ---
- -----------------------------------------

If there are questions about this document, email can be sent to
[email protected].

                      ------oOo------

SGI provides security information and patches for use by the entire SGI
community. This information is freely available to any person needing the
information and is available via anonymous FTP and the Web.

The primary SGI anonymous FTP site for security advisories and patches is
patches.sgi.com (216.32.174.211). Security advisories and patches are
located under the URL <ftp://patches.sgi.com/support/free/security/>

The SGI Security Headquarters Web page is accessible at the URL:
<http://www.sgi.com/support/security/>

For issues with the patches on the FTP sites, email can be sent to
[email protected].

For assistance obtaining or working with security patches, please
contact your SGI support provider.

                      ------oOo------

SGI provides a free security mailing list service called wiretap and
encourages interested parties to self-subscribe to receive (via email) all
SGI Security Advisories when they are released. Subscribing to the mailing
list can be done via the Web
(<http://www.sgi.com/support/security/wiretap.html>) or by sending email to
SGI as outlined below.

  % mail [email protected]
  subscribe wiretap <YourEmailAddress such as [email protected] >
  end
  ^d

In the example above, <YourEmailAddress> is the email address that you wish
the mailing list information sent to. The word end must be on a separate
line to indicate the end of the body of the message. The control-d (^d) is
used to indicate to the mail program that you are finished composing the
mail message.

------oOo------
SGI provides a comprehensive customer World Wide Web site. This site is located at <http://www.sgi.com/support/security/>.
------oOo------
If there are general security questions on SGI systems, email can be sent to [email protected].
For reporting *NEW* SGI security issues, email can be sent to [email protected] or contact your SGI support provider. A support contract is not required for submitting a security report.
______________________________________________________________________________ This information is provided freely to all interested parties and may be redistributed provided that it is not altered in any way, SGI is appropriately credited and the document retains and includes its valid PGP signature.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBPnj4m7Q4cFApAP75AQHCtgP+KFxc60dQxwHfcZybC1wjn1RsgoGJxaXE
fbcorhZH/0Wk/hIhgKL4cPLIN/SahuBTN76A9OicTVE1risSU6bCw1NaayUrLxFD
7zhl0fVt4eBj+9ON5r9IV16ftzGCtGjmlRVA/1rBYnJAYScRgzztJyXQOEVkxFOT
zdOzDEfKMY4=
=abIA
-----END PGP SIGNATURE-----

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please note that the above section contains two SGI security advisories.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Slackware Affected

Updated: March 15, 2002

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Slackware has published the following information regarding this vulnerability:

http://www.slackware.com/lists/archive/viewer.php?l=slackware-security&y=2002&m=slackware-security.260865
http://www.slackware.com/lists/archive/viewer.php?l=slackware-security&y=2002&m=slackware-security.218674
http://www.slackware.com/lists/archive/viewer.php?l=slackware-security&y=2002&m=slackware-security.200300

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

SuSE Inc. Affected

Notified: March 12, 2002 Updated: June 27, 2002

Status

Affected

Vendor Statement

All SuSE Linux versions previous to 8.0 are affected by this issue. We have released security updates for zlib itself, as well as several packages including their own copy of zlib.

Details on this issue, as well as the list of packages to upgrade, can be found in our advisory at:

http://www.suse.de/de/support/security/2002_010_libz_txt.html
http://www.suse.de/de/support/security/2002_011_libz_packages_txt.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Additionally, SuSE has published the following security advisories on this issue:

Sun Microsystems Inc. Affected

Notified: February 23, 2002 Updated: April 17, 2003

Status

Affected

Vendor Statement

Solaris 8 includes the zlib library as part of the SUNWzlib package which is affected by this issue. Open Windows 3.6.1 (for Solaris 7) and Open Windows 3.6.2 (for Solaris 8) ship a version of zlib which is affected in recent patches. Sun has produced patches for both Solaris and Open Windows which address this issue. The impact and patch details are described in Sun Alert 43541 available here:

http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fsalert%2F43541

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum


The SCO Group (SCO Linux) Affected

Notified: February 23, 2002 Updated: April 05, 2002

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Caldera has released Security Advisory CSSA-2002-015.0 to address this issue. For more information, please see

http://www.caldera.com/support/security/advisories/CSSA-2002-015.0.txt

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Trustix Affected

Notified: March 18, 2002 Updated: March 18, 2002

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Trustix has released Trustix Secure Linux Security Advisory #2002-0040 to address this issue. For further information, please see

http://www.trustix.org/pipermail/tsl-announce/2002-March/000082.html

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

XFree86 Affected

Notified: March 05, 2002 Updated: March 11, 2002

Status

Affected

Vendor Statement

XFree86 versions 4.0 through 4.2.0 include zlib version 1.0.8. XFree86 3.x includes zlib version 1.0.4. The zlib code included with XFree86 is only used on some platforms. This is determined by the setting of HasZlib in the imake config files in the xc/config/cf source directory. If HasZlib is set to YES in the platform’s vendor.cf file(s), then the system-provided zlib is used instead of the XFree86-provided version. XFree86 uses the system-provided zlib by default only on the following platforms:

FreeBSD 2.2 and later
NetBSD 1.2.2 and later
OpenBSD
Darwin
Debian Linux
The zlib code in XFree86 has been fixed in the CVS repository (trunk and the xf-4_2-branch branch) as of 14 February 2002. A source patch for XFree86 4.2.0 will be available from .

The following XFree86 4.2.0 binary distributions provided by XFree86 include and use a vulnerable version of zlib:

Linux-alpha-glibc22
Linux-ix86-glibc22
When updated binaries are available, it’ll be documented at .

To check if an installation of XFree86 includes zlib, see if the following file exists:

/usr/X11R6/lib/libz.a
To check if an XFree86 X server is dynamically linked with zlib, look for a line containing ‘libz’ in the output of ‘ldd /usr/X11R6/bin/XFree86’.

Various vendors repackage and distribute XFree86, and may use settings and configurations different from those described here.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).
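XFree86's statement above (look for /usr/X11R6/lib/libz.a, look for libz in the ldd output) and SuSE's remark that several packages carry their own copy of zlib describe the same audit problem: patching the system libz does nothing for a copy that a package linked statically. The script below is an added example, not code from the CERT note or from any vendor advisory. It relies on the copyright string that zlib's inflate.c compiles into every build (" inflate 1.1.3 Copyright 1995-1998 Mark Adler "), scans arbitrary files for that marker and flags any version older than 1.1.4, the release zlib.org names as fixed. The files it creates in a temporary directory are constructed for the demonstration, and the exact year ranges in their 1.0.8 and 1.1.4 marker strings are assumptions rather than copies of real binaries.

```python
import re
import tempfile
from pathlib import Path

# zlib's inflate.c embeds a copyright string of the form
# " inflate 1.1.3 Copyright 1995-1998 Mark Adler " in the object code, so the
# marker survives in libz.so and in any program that links zlib statically.
# The year range is matched loosely because it changes between releases.
ZLIB_MARKER = re.compile(rb"inflate (\d+\.\d+(?:\.\d+)?) Copyright [0-9-]+ Mark Adler")

# First release without the double free, per the zlib.org statement.
FIXED_VERSION = (1, 1, 4)


def parse_version(version):
    """'1.1.3' -> (1, 1, 3), so versions compare numerically rather than as strings."""
    return tuple(int(part) for part in version.split("."))


def find_zlib_versions(data):
    """Return the distinct zlib version strings whose marker appears in data."""
    return sorted({m.group(1).decode("ascii") for m in ZLIB_MARKER.finditer(data)})


def classify(version):
    """Anything older than 1.1.4 is affected by VU#368819."""
    return "vulnerable" if parse_version(version) < FIXED_VERSION else "fixed"


def scan_files(paths):
    """Yield (path, version, status) for every embedded zlib copy found."""
    for path in paths:
        path = Path(path)
        if not path.is_file():
            continue
        for version in find_zlib_versions(path.read_bytes()):
            yield (str(path), version, classify(version))


def scan_tree(root):
    """Scan every regular file below root (e.g. /usr/X11R6/lib or /usr/lib)."""
    return list(scan_files(p for p in Path(root).rglob("*") if p.is_file()))


def demo():
    """Constructed sample: fake 'binaries' in a temp dir, not files from any vendor.

    Returns {filename: [(version, status), ...]} for files that contain a marker.
    """
    samples = {
        "libz.so.1.1.3": b"\x7fELF...\x00 inflate 1.1.3 Copyright 1995-1998 Mark Adler \x00",
        "XFree86":       b"\x7fELF...\x00 inflate 1.0.8 Copyright 1995-1998 Mark Adler \x00",
        "libz.so.1.1.4": b"\x7fELF...\x00 inflate 1.1.4 Copyright 1995-2002 Mark Adler \x00",
        "libc.so":       b"\x7fELF...\x00no compression code in here\x00",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, blob in samples.items():
            Path(tmp, name).write_bytes(blob)
        report = {}
        for path, version, status in scan_tree(tmp):
            report.setdefault(Path(path).name, []).append((version, status))
    return report


if __name__ == "__main__":
    for name, hits in sorted(demo().items()):
        for version, status in hits:
            print(f"{name}: zlib {version} ({status})")
```

Run `scan_tree("/usr/X11R6/lib")` or `scan_tree("/usr/lib")` on a real host to list every shared library and statically linked program that still carries a pre-1.1.4 copy; a binary that ldd shows linked against the system libz will not match on its own, but the libz.so it points to will.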

zlib.org Affected

Notified: March 05, 2002 Updated: March 08, 2002

Status

Affected

Vendor Statement

All users of zlib versions 1.1.3 or earlier should obtain the latest version, 1.1.4 or later, from http://www.zlib.org, in order to avoid this vulnerability as well as other possible vulnerabilities in versions prior to 1.1.3 when decompressing invalid data.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Apple Computer Inc. Not Affected

Notified: February 23, 2002 Updated: March 11, 2002

Status

Not Affected

Vendor Statement

Mac OS X and Mac OS X Server do not contain this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

F-Secure Not Affected

Notified: March 14, 2002 Updated: March 15, 2002

Status

Not Affected

Vendor Statement

F-Secure SSH is not vulnerable to zlib double free bug.

No version of F-Secure SSH software is vulnerable to the “Double Free Bug in zlib Compression Library” discussed in CERT Advisory CA-2002-07.

All F-Secure SSH versions, both the old SSH1 and later SSH2 protocol clients and servers, close connection immediately with fatal cleanup call without any further calls to zlib when call to zlib’s inflate() returns something else than Z_OK.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Fujitsu Not Affected

Notified: February 23, 2002 Updated: March 08, 2002

Status

Not Affected

Vendor Statement

Fujitsu’s UXP/V operating system is not affected by the zlib vulnerability because it does not support zlib.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Microsoft Corporation Not Affected

Notified: March 11, 2002 Updated: May 02, 2002

Status

Not Affected

Vendor Statement

Microsoft conducted a thorough source-code level review of its products in response to the reports of vulnerabilities in zlib. This review did not discover any vulnerabilities related to these reports.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

SSH Communications Security Not Affected

Notified: March 14, 2002 Updated: March 21, 2002

Status

Not Affected

Vendor Statement

SSH Secure Shell is not vulnerable to zlib double free bug.

No version of SSH Secure Shell software is vulnerable to the “Double Free Bug in zlib Compression Library” discussed in CERT Advisory CA-2002-07.

All SSH Secure Shell versions, including SSH2 protocol clients and servers, close the connection immediately with a fatal cleanup call without any further calls to zlib when a call to zlib’s inflate() returns something else than Z_OK.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).
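The F-Secure and SSH Communications Security statements above describe the application-side discipline that keeps this double free out of reach even with a vulnerable zlib: on the first return from inflate() other than Z_OK, tear the stream down with a single cleanup call and never call back into zlib on it. The code below is an added example of that discipline, not code from either vendor or from the CERT note. It is written against Python's standard zlib module, which wraps inflate() and surfaces every non-Z_OK result as zlib.error; the MAX_OUTPUT cap and the sample streams are assumptions constructed for this demonstration.

```python
import zlib

# Assumed cap for this example; size it to the protocol message in practice.
MAX_OUTPUT = 1 << 20


class DecompressionAborted(Exception):
    """Raised once; the caller's only correct response is to drop the stream."""


def inflate_untrusted(data, max_output=MAX_OUTPUT, chunk_size=256):
    """Inflate attacker-supplied zlib data with fail-closed semantics.

    * The first error from the decompressor is final: the object is discarded
      and never called again (calling back into inflate after an error is the
      sequence that reached the zlib 1.1.3 double free).
    * Output is capped so a small stream cannot expand without bound.
    * A stream that ends without the zlib end-of-stream marker is rejected.
    """
    d = zlib.decompressobj()
    out = bytearray()
    view = memoryview(data)
    pos = 0
    try:
        while pos < len(view) and not d.eof:
            # Feed input in small pieces, the way a network reader would.
            pending = bytes(view[pos:pos + chunk_size])
            pos += len(pending)
            while pending:
                # Ask for at most one byte beyond the cap so overflow is detectable.
                room = max_output - len(out) + 1
                out += d.decompress(pending, room)
                if len(out) > max_output:
                    raise DecompressionAborted("output cap exceeded")
                pending = d.unconsumed_tail
                if d.eof:
                    break
    except zlib.error as exc:
        # Fatal cleanup: drop the decompressor, make no further inflate() calls.
        del d
        raise DecompressionAborted(f"corrupt compressed data: {exc}") from None
    if not d.eof:
        raise DecompressionAborted("truncated stream")
    return bytes(out)


def try_inflate(data, max_output=MAX_OUTPUT):
    """Non-raising wrapper: ('ok', payload) or ('aborted', reason)."""
    try:
        return ("ok", inflate_untrusted(data, max_output))
    except DecompressionAborted as exc:
        return ("aborted", str(exc))


# Constructed inputs for the demonstration (not captured from any real protocol).
SAMPLES = {
    "valid": zlib.compress(b"A" * 5000),
    # Well-formed stream whose output would blow past a 10 000-byte cap.
    "bomb": zlib.compress(b"A" * 100000),
    # Valid zlib header, then a block with BTYPE=11 (reserved): Z_DATA_ERROR.
    "corrupt": b"\x78\x9c" + b"\xff" * 8,
    # Valid stream with its tail (including the Adler-32 trailer) cut off.
    "truncated": zlib.compress(b"A" * 5000)[:-8],
}

if __name__ == "__main__":
    for name, stream in SAMPLES.items():
        status, detail = try_inflate(stream, max_output=10000)
        shown = detail if status == "aborted" else f"{len(detail)} bytes"
        print(f"{name:10s} -> {status}: {shown}")
```

The point of the structure is that `d` is touched in exactly one place after an error, and that place deletes it; an implementation that logged the error and then looped back to read more input would re-enter inflate on a stream whose internal state is already partially freed, which is what this note warns about.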

AOL Time Warner Unknown

Notified: March 05, 2002 Updated: March 06, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

AT&T Unknown

Notified: March 11, 2002 Updated: March 14, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Apache Unknown

Notified: March 25, 2002 Updated: March 25, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

BSDI Unknown

Notified: February 23, 2002 Updated: March 11, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Computer Associates Unknown

Notified: March 11, 2002 Updated: March 14, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Data General Unknown

Notified: February 23, 2002 Updated: February 25, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Lotus Software Unknown

Notified: March 11, 2002 Updated: March 14, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Lucent Technologies Unknown

Notified: March 11, 2002 Updated: March 14, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Multinet Unknown

Notified: March 11, 2002 Updated: March 14, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

NEC Corporation Unknown

Notified: February 23, 2002 Updated: April 29, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Netscape Communications Corporation Unknown

Notified: March 11, 2002 Updated: March 14, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Nortel Networks Unknown

Notified: March 11, 2002 Updated: March 14, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Oracle Corporation Unknown

Notified: March 11, 2002 Updated: March 14, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Sequent Unknown

Notified: February 23, 2002 Updated: February 25, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Sony Corporation Unknown

Notified: February 23, 2002 Updated: February 25, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

The Open Group Unknown

Notified: April 27, 2002 Updated: April 29, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

The SCO Group (SCO UnixWare) Unknown

Notified: February 23, 2002 Updated: February 25, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Unisys Unknown

Notified: February 23, 2002 Updated: February 25, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Wind River Systems Inc. Unknown

Notified: March 11, 2002 Updated: March 14, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

libpng.org Unknown

Notified: March 11, 2002 Updated: March 14, 2002

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23368819 Feedback>).

Acknowledgements

The CERT/CC thanks Owen Taylor and Mark Cox of Red Hat, Inc. for reporting this vulnerability. We also thank Mark Adler of zlib.org for contributing to our research and Matthias Clasen for contributing to the discovery of this vulnerability.

This document was written by Jeffrey P. Lanza.

Other Information

CVE IDs: CVE-2002-0059
CERT Advisory: CA-2002-07
Severity Metric:
