search.internet.com

Become a Marketplace Partner internet.commerce Be a Commerce Partner Linux Today Enterprise Linux Today Apache Today JustLinux.com Linux Planet PHPBuilder All Linux Devices Technology Jobs LinuxToday Newsletters Subscribe News Subscribe PR Subscribe Security internet.com IT Developer Internet News Small Business Personal Technology Search internet.com Advertise Corporate Info Newsletters Tech Jobs E-mail Offers

Current Newswire: Simon Phipps elected as OSI director Beginner’s Guide to Git Day 3 of the Trial, Through the Eyes of Groklaw and the SL Tribune AMD to Introduce Netbook Chip in 2011 Ubuntu Enterprise Cloud Deployed on Intel Hardware 10 ways you might be breaking the law with your computer: UPDATED Health Check: Mandriva How to Install Debian Linux on an Embedded System First Fedora 13 Linux Alpha Shows Promise How to Create Space Scenes Quickly and Easily in Gimp HPC Linux Administrator (IL) Next Step Systems US-IL-Chicago Post A Job | Post A Resume Conectiva Linux Advisory: zlib Oct 26, 2004, 16 :44 UTC (0 Talkback[s]) (2253 reads) CONECTIVA LINUX SECURITY ANNOUNCEMENT PACKAGE : zlib SUMMARY : Fix for denial of service vulnerabilities DATE : 2004-10-25 15:45:00 ID : CLA-2004:878 RELEVANT RELEASES : 10 DESCRIPTION "zlib"[1] is a compression library used by several programs. This announcement improves the correction adopted by the previous one[2] by adding a single missing hunk to the correction's patch. Due to a Debian bug report[3], a denial of service vulnerability[4] was discovered in the zlib compression library versions 1.2.x, in the inflate() and inflateBack() functions. An attacker could exploit this vulnerability to launch a denial of service attack on any application using the zlib library. Older versions of zlib are not affected. SOLUTION It is recommended that all Conectiva Linux users upgrade their packages. IMPORTANT: all applications linked against zlib must be restarted after the upgrade in order to close the vulnerabilities. REFERENCES 1.http://www.gzip.org/zlib/ 2.http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000865&idioma=en 3.http://bugs.debian.org/252253 4.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0797 UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/10/SRPMS/libz1-1.2.1-47972U10_2cl.src.rpm ftp://atualizacoes.conectiva.com.br/10/RPMS/libz1-1.2.1-47972U10_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/10/RPMS/libz-devel-1.2.1-47972U10_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/10/RPMS/libz-devel-static-1.2.1-47972U10_2cl.i386.rpm ADDITIONAL INSTRUCTIONS The apt tool can be used to perform RPM packages upgrades: run: apt-get update after that, execute: apt-get upgrade Detailed instructions regarding the use of apt and upgrade examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at http://distro.conectiva.com.br/seguranca/chave/?idioma=en Instructions on how to check the signatures of the RPM packages can be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en All our advisories and generic update instructions can be viewed at http://distro.conectiva.com.br/atualizacoes/?idioma=en Copyright (c) 2004 Conectiva Inc. http://www.conectiva.com No talkbacks posted.   Home | Search Talkbacks | Customize View    Top of Page   Enter your comments below: * Your Name: * Your Email Address: * Subject: CC: [will also send this talkback to an E-Mail address] * Comments: Tags allowed:<I>,<B> and <U>. See our talkback-policy for more about talkback content. Fields marked with * are required!

All times are recorded in UTC. Linux is a trademark of Linus Torvalds. Powered by Linux, Apache and PHP The Network for Technology Professionals Search: About Internet.com Legal Notices, Licensing, Permissions, Privacy Policy. Advertise | Newsletters | E-mail Offers Solutions Whitepapers and eBooks Intel Whitepaper: 2010 Intel Core vPro Processors Overview Article: Adobe Helps PHP Developers Create Rich Internet Applications Article: Reduce Your Infrastructure Costs with Microsoft System Center Intel Brief: Five-Star IT Support--Intel Core 2 processor with vPro Delivers ROI of 524 Percent Article: Security Enhancements Abound in Windows Server 2008 Intel Whitepaper: Implementing Intel vPro Technology to Drive Down Client Management Costs Microsoft Whitepaper: Improve Communications and Collaboration Intel Article: Intel Core i5 vPro Brings Intelligence to the Processor Microsoft Personalized Whitepapers and Resources for You Microsoft Articles: Visual Studio 2010 Adobe Article: Java Developers Finding a Home at Adobe Flex Microsoft Whitepaper: Make Better Decisions - SQL Server 2008 Business Intelligence. MORE WHITEPAPERS, EBOOKS, AND ARTICLES Webcasts Micro Focus Webcast: Boosting the Impact and Effectiveness of Software Development QA and Testing Microsoft Webcast: Simplified Access and Single Sign-On Intel Video: 2010 Intel Core Processor Technologies MORE WEBCASTS, PODCASTS, AND VIDEOS Downloads and eKits Adobe Download: Tour de Flex Application and Explore Flex Get Started: Create Applications Without Infrastructure Limits with the Windows Azure Platform HP PartnerONE | SolutionsINFINITE Visit us at hp.com/partners/us Iron Speed Designer Application Generator MORE DOWNLOADS, EKITS, AND FREE TRIALS Tutorials and Demos Free Adobe Online Flex Training: Check Out this Video Training Course Here Develop Cloud Applications - Get Started Now with the Windows Azure Platform Learn Unified Communications Learn SQL Server 2008 Learn Windows Server 2008 R2 Internet.com Hot List: Get the Inside Scoop on IT and Developer Products Join the Intel AtomDeveloper Program: Develop and sell netbook applications! Learn Forefront Learn System Center All About Botnets Learn SharePoint MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES