[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] zlib security problem

>From slashdot come distressing news:

 "CNET is reporting that there is a buffer overflow problem  with zlib
in linux, which is used for network compression. Supposedly, someone
could remotely cause a buffer overflow through mozilla, X11 and many
other programs." The advisory from Red Hat is available.

http://www.linuxsecurity.com/advisories/redhat_advisory-1963.html has
the advisory and links to the update packages for RedHat. I'm not sure
if this is RedHat specific (I don't think so), but the security
implications of hitting a crafted png image on a website and having a
backdoor inserted is very unnerving.
James P. Kinney III   \Changing the mobile computing world/
President and COO      \          one Linux user         /
Local Net Solutions,LLC \           at a time.          /
770-493-8244             \.___________________________./

GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7 

 This is a digitally signed message part