CLSA-2023-1699380056 rsync: Fix of 2 CVEs

CVE-2018-25032: fix a bug that can crash deflate on some input when using ZFIXED - CVE-2022-37434: fix zlib bug with a large gzip header extra field...

SUSE CVE-2022-37434

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...

EulerOS 2.0 SP10 : deltarpm (EulerOS-SA-2022-2816)

According to the versions of the deltarpm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service application crash via an invalid file that causes a large dynami...

RHEL 9 : zlib (RHSA-2022:7314)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:7314 advisory. The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Security Fixes: zlib: a...

CVE-2022-37434

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...