Lucene search
SuseSUSE-SA:2005:043HistoryJul 28, 2005 - 3:46 p.m.
denial of service in zlib
2005-07-2815:46:58
lists.opensuse.org
8
0.114 Low
EPSS
Percentile
94.7%
The previous zlib update for CAN-2005-2096 fixed a flaw in zlib that could allow a carefully crafted compressed stream to crash an application. While the original patch corrected the reported overflow, Markus Oberhumer discovered additional ways a stream could trigger an overflow. This update fixes those problems as well. This issue is tracked by the Mitre CVE ID CAN-2005-1849. Since only zlib 1.2.x is affected, older SUSE products are not affected by this problem.
Solution
There is no known workaround, please install the update packages.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 9.1 | i586 | zlib-32bit | < 9.1-200507231731 | zlib-32bit-9.1-200507231731.i586.rpm |
| openSUSE | 9.1 | i586 | zlib | < 1.2.1-70.12 | zlib-1.2.1-70.12.i586.rpm |
| openSUSE | 9.3 | i586 | zlib | < 1.2.2-5.4 | zlib-1.2.2-5.4.i586.rpm |
| openSUSE | 9.1 | i586 | zlib-devel-32bit | < 9.1-200507231731 | zlib-devel-32bit-9.1-200507231731.i586.rpm |
| openSUSE | 9.3 | x86_64 | zlib-devel | < 1.2.2-5.4 | zlib-devel-1.2.2-5.4.x86_64.rpm |
| openSUSE | 9.1 | x86_64 | zlib | < 1.2.1-70.12 | zlib-1.2.1-70.12.x86_64.rpm |
| openSUSE | 9.3 | x86_64 | zlib-32bit | < 9.3-7.2 | zlib-32bit-9.3-7.2.x86_64.rpm |
| openSUSE | 9.1 | x86_64 | zlib-devel | < 1.2.1-70.12 | zlib-devel-1.2.1-70.12.x86_64.rpm |
| openSUSE | 9.2 | i586 | zlib | < 1.2.1-74.4 | zlib-1.2.1-74.4.i586.rpm |
| openSUSE | 9.2 | x86_64 | zlib-devel-32bit | < 9.2-200507230712 | zlib-devel-32bit-9.2-200507230712.x86_64.rpm |
Related
nessus
nessus
GLSA-200507-28 : AMD64 x86 emulation base libraries: Buffer overflow
2005-07-31 00:00:00
RHEL 4 : zlib (RHSA-2005:584)
2005-07-22 00:00:00
Debian DSA-1026-1 : sash - buffer overflows
2006-10-14 00:00:00
openvas
openvas
Debian Security Advisory DSA 797-2 (zsync)
2008-01-17 00:00:00
SLES9: Security update for zlib
2009-10-10 00:00:00
Gentoo Security Advisory GLSA 200509-18 (qt)
2008-09-24 00:00:00
osv
osv
sash - buffer overflows
2006-04-06 00:00:00
zsync - buffer overflow
2005-09-01 00:00:00
debian
debian
[SECURITY] [DSA 797-2] Updated zsync i386 packages fix build error
2005-09-29 00:35:02
[SECURITY] [DSA 797-1] New zsync packages fix DOS
2005-09-02 01:52:01
securityvulns
securityvulns
gentoo
gentoo
Compress::Zlib: Buffer overflow
2005-08-01 00:00:00
AMD64 x86 emulation base libraries: Buffer overflow
2005-07-30 00:00:00
Qt: Buffer overflow in the included zlib library
2005-09-26 00:00:00
ubuntu
ubuntu
zlib vulnerability
2005-07-21 00:00:00
zlib vulnerabilities
2005-07-23 00:00:00
rpm vulnerability
2005-11-09 00:00:00
redhat
redhat
(RHSA-2005:584) zlib security update
2005-07-21 00:00:00
(RHSA-2005:569) zlib security update
2005-07-06 00:00:00
centos
centos
zlib security update
2005-07-21 19:23:28
zlib security update
2005-07-06 14:58:06
jvn
jvn
JVN#78689801: BGA32.DLL and QBga32.DLL contain multiple vulnerabilities
2015-05-19 00:00:00
cert
cert
zlib inflate() routine vulnerable to buffer overflow
2005-07-07 00:00:00
cve
cve
CVE-2005-2096
2005-07-06 04:00:00
CVE-2005-1849
2005-07-26 04:00:00
suse
suse
remote denial of service in zlib
2005-07-06 15:27:38
ubuntucve
ubuntucve
CVE-2005-2096
2005-07-06 00:00:00
CVE-2005-1849
2005-07-26 00:00:00
slackware
slackware
zlib DoS
2005-07-08 15:31:49
freebsd_advisory
freebsd_advisory
FreeBSD-SA-05:16.zlib
2005-07-06 00:00:00
FreeBSD-SA-05:18.zlib
2005-07-27 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: deltarpm-3.4-11.fc10.1
2009-10-09 03:44:10
[SECURITY] Fedora 11 Update: deltarpm-3.4-17.fc11
2009-10-09 03:37:34
[SECURITY] Fedora 11 Update: deltarpm-3.4-18.fc11
2009-10-14 01:41:13
f5
f5
SOL5004 - Security Advisory: zlib buffer overflow - CAN-2005-2096
2007-05-16 00:00:00
K5004 : Security Advisory: zlib buffer overflow - CAN-2005-2096
2013-03-28 00:00:00
SOL16990 - zlib 1.2.2 vulnerability CVE-2005-1849
2015-07-20 00:00:00
freebsd
freebsd
zlib -- buffer overflow vulnerability
2005-07-06 00:00:00
zlib -- buffer overflow vulnerability
2005-07-27 00:00:00
debiancve
debiancve
CVE-2005-2096
2005-07-06 04:00:00
CVE-2005-1849
2005-07-26 04:00:00
exploitpack
exploitpack
IPComp - encapsulation Kernel Memory Corruption
2011-04-01 00:00:00
seebug
seebug
IPComp encapsulation pre-auth kernel memory corruption
2014-07-01 00:00:00
exploitdb
exploitdb
IPComp - encapsulation Kernel Memory Corruption
2011-04-01 00:00:00