EUVD-2004-0602

Malware in sbrugna...

SUSE-SU-2022:1650-1 Security update for gzip

This update for gzip fixes the following issues: - CVE-2022-1271: Add hardening for zgrep. bsc1198062...

OESA-2022-1629 gzip security update

gzip is a single-file/stream lossless data compression utility, where the resulting compressed file generally has the suffix .gz. Security Fixes: The vulnerability exists due to insufficient validation when handling filenames with two or more newlines. A remote attacker can force zgrep or xzgrep ...

SUSE-SU-2022:1250-1 Security update for gzip

This update for gzip fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames ZDI-CAN-16587. bsc1198062 The following non-security bugs were fixed: - Fixed an issue when 'gzexe' counts the lines to skip wrong. bsc1180713 - Fixed a potential segfault when zli...

Moderate: Red Hat Security Advisory: gzip security update

An updated gzip package that fixes one security issue is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The gzip package provides the GNU gzip data compression program. An integer underfl...

[SECURITY] New versions of gzip available

We were told by Michal Zalewski that gzexe as shipped with gzip uses an unsecure method decompressing executables on the fly opening a way of calling arbitrary programs. Newer versions for bo and hamm are fixing this. We recommend you upgrade your gzip package if youre using the gzexe method. dpk...