Support / Sécurité / Annonces de sécurité / Multi Network Firewall 2.0 / MDKSA-2005:124

Nom du paquet: zlib
Date: 2005-07-22
Advisory ID: MDKSA-2005:124
Affected versions: MNF2.0 i586 , 10.2 x86_64 , 10.0 amd64 , 10.2 i586 , 10.1 i586 , 10.0 i586 , CS3.0 x86_64 , CS3.0 i586 , 10.1 x86_64

Problem description

A previous zlib update (MDKSA-2005:112; CAN-2005-2096) fixed an overflow flaw in the zlib program. While that update did indeed fix the reported overflow issue, Markus Oberhumber discovered additional ways that a specially-crafted compressed stream could trigger an overflow. An attacker could create such a stream that would cause a linked application to crash if opened by a user. The updated packages are provided to protect against this flaw. The Corporate Server 2.1 product is not affected by this vulnerability.

Updated packages

MNF2.0 i586

 631b3c1e87bbde27e99673d30c1e91c1  mnf/2.0/RPMS/zlib1-1.2.1-2.3.M20mdk.i586.rpm
c3077bbfdaeb2c6fc1e5aed4f6b0e65b  mnf/2.0/SRPMS/zlib-1.2.1-2.3.M20mdk.src.rpm

10.2 x86_64

 c7c5d4fbeb2db2ffa27e6123958280a7  x86_64/10.2/RPMS/zlib1-1.2.2.2-2.2.102mdk.x86_64.rpm
dbc5bbd0220041e3594939e963bfb5da  x86_64/10.2/RPMS/zlib1-devel-1.2.2.2-2.2.102mdk.x86_64.rpm
543c843e6691904415c4c8bc45affe7c  x86_64/10.2/SRPMS/zlib-1.2.2.2-2.2.102mdk.src.rpm

10.0 amd64

 e6a94df40bc740d725731036e7f3db96  amd64/10.0/RPMS/zlib1-1.2.1-2.3.100mdk.amd64.rpm
890f9d6039a95f82365a7cb55e9017fb  amd64/10.0/RPMS/zlib1-devel-1.2.1-2.3.100mdk.amd64.rpm
72ea4005316839b3c31b90d524c52d42  amd64/10.0/SRPMS/zlib-1.2.1-2.3.100mdk.src.rpm

10.2 i586

 d30d7cfb002353a63f89ba382062a78e  10.2/RPMS/zlib1-1.2.2.2-2.2.102mdk.i586.rpm
5c4a526d818a326fafd6c9e9672b3447  10.2/RPMS/zlib1-devel-1.2.2.2-2.2.102mdk.i586.rpm
543c843e6691904415c4c8bc45affe7c  10.2/SRPMS/zlib-1.2.2.2-2.2.102mdk.src.rpm

10.1 i586

 58c3324f33d5586d1bcdde0aca4e5a79  10.1/RPMS/zlib1-1.2.1.1-3.2.101mdk.i586.rpm
c0ccb2820937a05d8cc608701150f012  10.1/RPMS/zlib1-devel-1.2.1.1-3.2.101mdk.i586.rpm
17ad74eeed07fab9c8829dd546be6890  10.1/SRPMS/zlib-1.2.1.1-3.2.101mdk.src.rpm

10.0 i586

 860987335903c382c12e42448367676f  10.0/RPMS/zlib1-1.2.1-2.3.100mdk.i586.rpm
e047a26f46031a57f896a1d36ccc52c3  10.0/RPMS/zlib1-devel-1.2.1-2.3.100mdk.i586.rpm
72ea4005316839b3c31b90d524c52d42  10.0/SRPMS/zlib-1.2.1-2.3.100mdk.src.rpm

CS3.0 x86_64

 92ef33342acbfa125fb45e84a591cf3f  x86_64/corporate/3.0/RPMS/zlib1-1.2.1-2.3.C30mdk.x86_64.rpm
b884c537207635c8d1ca5ac9bcfed24a  x86_64/corporate/3.0/RPMS/zlib1-devel-1.2.1-2.3.C30mdk.x86_64.rpm
ae75fabf010504e1b0f84f79e50c5753  x86_64/corporate/3.0/SRPMS/zlib-1.2.1-2.3.C30mdk.src.rpm

CS3.0 i586

 2e66862f24760823bdaa26c20fbc7606  corporate/3.0/RPMS/zlib1-1.2.1-2.3.C30mdk.i586.rpm
d9cab4b4ab9a04eeee1b38ac7c3e5e5a  corporate/3.0/RPMS/zlib1-devel-1.2.1-2.3.C30mdk.i586.rpm
ae75fabf010504e1b0f84f79e50c5753  corporate/3.0/SRPMS/zlib-1.2.1-2.3.C30mdk.src.rpm

10.1 x86_64

 87e7046c0c876da2c94590ad6c98dafe  x86_64/10.1/RPMS/zlib1-1.2.1.1-3.2.101mdk.x86_64.rpm
f90e56e2ab04468abac0c08849a5260a  x86_64/10.1/RPMS/zlib1-devel-1.2.1.1-3.2.101mdk.x86_64.rpm
17ad74eeed07fab9c8829dd546be6890  x86_64/10.1/SRPMS/zlib-1.2.1.1-3.2.101mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1849