[ale] zlib security problem
James P. Kinney III
jkinney at localnetsolutions.com
Mon Mar 11 16:34:43 EST 2002
>From slashdot come distressing news:
"CNET is reporting that there is a buffer overflow problem with zlib
in linux, which is used for network compression. Supposedly, someone
could remotely cause a buffer overflow through mozilla, X11 and many
other programs." The advisory from Red Hat is available.
http://www.linuxsecurity.com/advisories/redhat_advisory-1963.html has
the advisory and links to the update packages for RedHat. I'm not sure
if this is RedHat specific (I don't think so), but the security
implications of hitting a crafted png image on a website and having a
backdoor inserted is very unnerving.
--
James P. Kinney III \Changing the mobile computing world/
President and COO \ one Linux user /
Local Net Solutions,LLC \ at a time. /
770-493-8244 \.___________________________./
GPG ID: 829C6CA7 James P. Kinney III (M.S. Physics)
<jkinney at localnetsolutions.com>
Fingerprint = 3C9E 6366 54FC A3FE BA4D 0659 6190 ADC3 829C 6CA7
This is a digitally signed message part
More information about the Ale
mailing list