zlib bug fix and enhancement update

The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Bug Fixes and Enhancements: AlmaLinux8.1 - zlib: DFLTCC compression level switching issues BZ1926104 AlmaLinux8.2 - zlib: inflateSyncPoint returns an incorrect result on z15...

CVE-2020-29367

CVE-2020-29367 affects Blosc C-Blosc2 (Blosc devel up to version 2.0.0.beta.5). A heap-based buffer overflow occurs when there is insufficient space to write compressed data, potentially impacting programs that rely on Blosc for compression. The vulnerability is described with a high impact on co...

[SECURITY] Fedora 33 Update: brotli-1.0.9-3.fc33

Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It...

zlib bug fix and enhancement update

The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Bug Fixes and Enhancements: AlmaLinux8.2 - zlib on s390x may produce incomplete raw but not gzip/zlib streams BZ1860952 AlmaLinux8.2 - raw zlib test failed with DFLTCCLEVELMASK s...

Denial Of Service (DoS)

netty-codec is vulnerable to denial of service DoS. The vulnerability exists as it was possible to send a large data for compression, causing large buffer allocation sizes in the client JVM...

The vulnerability in the implementation of the Server Message Block (SMBv3) network protocol on Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Server Message Block SMBv3 network protocol implementation in Windows operating systems is related to incorrect handling of requests using data compression algorithms. Exploiting this vulnerability allows a remote attacker to execute arbitrary code with the help of a...

WDExtract - Extract Windows Defender Database From Vdm Files And Unpack It

ExtractWindows Defender database from vdm files and unpack it This program distributed as-is, without any warranty; No official support, if you like this tool, feel free to contribute. Features Unpack VDM containers of Windows Defender/Microsoft Security Essentials; Decrypt VDM container embedded...

CB TAU Threat Intelligence Notification: HopLight Campaign (Linked to North Korea) is Reusing Substantial Amount of Code

On April 10, 2019 the US Department of Homeland Security DHS released a Malware Analysis Report MAR-10135536-8 which detailed the trojan HopLight. HopLight has been linked to different North Korean DPRK campaigns also known as the Lazarus Group. The CB Threat Analysis Unit TAU has continued to...

Long Range Zip Denial of Service Vulnerability (CNVD-2019-14257)

Long Range Zip a.k.a. lrzip is an open source compression utility for large file compression.LZO is one of the lossless data compression algorithms used in... A security vulnerability exists in the 'lzo1xdecompress' function in the liblzo2.so.2 file of LZO version 2.10 used in lrzip version 0.631...

[SECURITY] Fedora 24 Update: bzip2-1.0.6-21.fc24

Bzip2 is a freely available, patent-free, high quality data compressor. Bzip2 compresses files to within 10 to 15 percent of the capabilities of the best techniques available. However, bzip2 has the added benefit of being approximately two times faster at compression and six times faster at...

[SECURITY] Fedora 24 Update: libpng-1.6.27-1.fc24

The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng...

[SECURITY] Fedora 25 Update: libpng-1.6.27-1.fc25

The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng...

7zip HFS+ NArchive::NHfs::CHandler::ExtractZlibFile Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0093 7zip HFS+ NArchive::NHfs::CHandler::ExtractZlibFile Code Execution Vulnerability May 10, 2016 CVE Number CVE-2016-2334 DESCRIPTION An exploitable heap overflow vulnerability exists in the NArchive::NHfs::CHandler::ExtractZlibFile method functionality of...

CVE-2016-1931

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data...

Memory corruption

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data...

CVE-2016-1931

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data...

CVE-2016-1931

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to uninitialized memory encountered during brotli data...

[SECURITY] Fedora 23 Update: libpng-1.6.17-3.fc23

The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng...

ACE Files

ACE is a data compression format used for archiving, which consists of blocks of various types and sizes. An attacker may use the compressed ACE format in order to bypass inspection by network security devices, which will not be able to inspect the original content that is being transferred...

[SECURITY] Fedora 19 Update: lzo-2.08-1.fc19

LZO is a portable lossless data compression library written in ANSI C. It offers pretty fast compression and very fast decompression. Decompression requires no memory. In addition there are slower compression levels achieving a quite competitive compression ratio while still decompressing at this...