Nom du paquet
gzip
Date
2002-01-31
Advisory ID
MDKSA-2002:011
Affected versions
8.1 i586 , SNF7.2 i586 , CS1.0 i586 , 8.1 i586 , 8.0 i586 , 8.0 i586 , 7.1 i586 , 7.2 i586

Problem description

There are two problems with the gzip archiving program; the first is a crash when an input file name is over 1020 characters, and the second is a buffer overflow that could be exploited if gzip is run on a server such as an FTP server. The patch applied is from the gzip developers and the problems have been fixed in the latest beta.

Updated packages

8.1 i586

 ac92d89175214285cf11d2663744a040  ia64/8.1/RPMS/gzip-1.2.4a-9.1mdk.ia64.rpm
462664bd9f12cda8e73160ffff98770f  ia64/8.1/SRPMS/gzip-1.2.4a-9.1mdk.src.rpm

SNF7.2 i586

 d8cbd0398f776074a1966306d4d4ec01  snf7.2/RPMS/gzip-1.2.4a-9.1mdk.i586.rpm
462664bd9f12cda8e73160ffff98770f  snf7.2/SRPMS/gzip-1.2.4a-9.1mdk.src.rpm

CS1.0 i586

 3f6150749a54bf1b23883aef86a56d3b  1.0.1/RPMS/gzip-1.2.4a-9.2mdk.i586.rpm
66a43cdb4e1aa47cd21c73fd2ce7486b  1.0.1/SRPMS/gzip-1.2.4a-9.2mdk.src.rpm

8.1 i586

 0c4bd47c8314d2df3b5dd98476a75c80  8.1/RPMS/gzip-1.2.4a-9.1mdk.i586.rpm
462664bd9f12cda8e73160ffff98770f  8.1/SRPMS/gzip-1.2.4a-9.1mdk.src.rpm

8.0 i586

 62856680235f87c6ad3327d5b7fa0dbb  8.0/RPMS/gzip-1.2.4a-9.1mdk.i586.rpm
462664bd9f12cda8e73160ffff98770f  8.0/SRPMS/gzip-1.2.4a-9.1mdk.src.rpm

8.0 i586

 a8390f5cffaa178e4d072a15c16d44e9  ppc/8.0/RPMS/gzip-1.2.4a-9.1mdk.ppc.rpm
462664bd9f12cda8e73160ffff98770f  ppc/8.0/SRPMS/gzip-1.2.4a-9.1mdk.src.rpm

7.1 i586

 3f6150749a54bf1b23883aef86a56d3b  7.1/RPMS/gzip-1.2.4a-9.2mdk.i586.rpm
66a43cdb4e1aa47cd21c73fd2ce7486b  7.1/SRPMS/gzip-1.2.4a-9.2mdk.src.rpm

7.2 i586

 d8cbd0398f776074a1966306d4d4ec01  7.2/RPMS/gzip-1.2.4a-9.1mdk.i586.rpm
462664bd9f12cda8e73160ffff98770f  7.2/SRPMS/gzip-1.2.4a-9.1mdk.src.rpm

References