Network Security Audits / Vulnerability Assessments by SecuritySpace

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

--------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2005-83
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
--------------------------------------------------------------------------

Original released date: 18 Aug 2005
Last revised: 18 Aug 2005

Package: zlib

Summary: Buffer overflows

More information:
    zlib is designed to be a free, general-purpose, legally unencumbered
    -- that is, not covered by any patents -- lossless data-compression
    library for use on virtually any computer hardware and operating system.

    Buffer overflow vulnerabilities exist in zlib.

Impact:
    The zlib allows remote attackers to cause a denial of service (application crash).

Affected Products:
    - Turbolinux 10 Server

Solution:
    Please use the turbopkg (zabom) tool to apply the update.
---------------------------------------------
# turbopkg
or
# zabom -u zlib zlib-devel
---------------------------------------------

<Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/zlib-1.2.1-5.src.rpm
       294283 4464688c451420e216644ee25de63f79

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/zlib-1.2.1-5.i586.rpm
        65959 0466fe664da5a0a50e36bc11c974e484
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/zlib-debug-1.2.1-5.i586.rpm
       125766 73854c7bd5f238fb342be55b4258ca43
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/zlib-devel-1.2.1-5.i586.rpm
        61719 07f9fa7e243a89f243450a72b3ef261b

References:

CVE
   [CAN-2005-1849]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1849

--------------------------------------------------------------------------
Revision History
    18 Aug 2005 Initial release
--------------------------------------------------------------------------

Copyright(C) 2005 Turbolinux, Inc. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDBDJlK0LzjOqIJMwRApb5AJ9+eLdWB9AMNP/QoeHb7UOFNrtFFACeOMhN
s1Uol/XZHgiEKvgftpL6pIQ=
=PR2/
-----END PGP SIGNATURE-----