search.internet.com

Become a Marketplace Partner internet.commerce Be a Commerce Partner Linux Today Enterprise Linux Today Apache Today JustLinux.com Linux Planet PHPBuilder All Linux Devices Technology Jobs LinuxToday Newsletters Subscribe News Subscribe PR Subscribe Security internet.com IT Developer Internet News Small Business Personal Technology Search internet.com Advertise Corporate Info Newsletters Tech Jobs E-mail Offers

Current Newswire: Power Up Linux GUI Apps Ksplice debuts zero downtime service for Linux BM Ups Its Processor Power to 7 KDE.org Relaunched for Software Compilation 4.4 The application is the new the operating system Linux can compete with the iPad on price, but where’s the magic? The Bruno Knaapen Technology Learning Center is Established Anjal: GNOME's Evolution for Netbooks Linux Mint 8 KDE Community Edition Open source means freedom from 'anti-features' UNIX Systems Administrator (IL) Next Step Systems US-IL-Chicago Post A Job | Post A Resume Conectiva Linux Advisory: zlib Oct 26, 2004, 16 :44 UTC (0 Talkback[s]) (2230 reads) CONECTIVA LINUX SECURITY ANNOUNCEMENT PACKAGE : zlib SUMMARY : Fix for denial of service vulnerabilities DATE : 2004-10-25 15:45:00 ID : CLA-2004:878 RELEVANT RELEASES : 10 DESCRIPTION "zlib"[1] is a compression library used by several programs. This announcement improves the correction adopted by the previous one[2] by adding a single missing hunk to the correction's patch. Due to a Debian bug report[3], a denial of service vulnerability[4] was discovered in the zlib compression library versions 1.2.x, in the inflate() and inflateBack() functions. An attacker could exploit this vulnerability to launch a denial of service attack on any application using the zlib library. Older versions of zlib are not affected. SOLUTION It is recommended that all Conectiva Linux users upgrade their packages. IMPORTANT: all applications linked against zlib must be restarted after the upgrade in order to close the vulnerabilities. REFERENCES 1.http://www.gzip.org/zlib/ 2.http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000865&idioma=en 3.http://bugs.debian.org/252253 4.http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0797 UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/10/SRPMS/libz1-1.2.1-47972U10_2cl.src.rpm ftp://atualizacoes.conectiva.com.br/10/RPMS/libz1-1.2.1-47972U10_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/10/RPMS/libz-devel-1.2.1-47972U10_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/10/RPMS/libz-devel-static-1.2.1-47972U10_2cl.i386.rpm ADDITIONAL INSTRUCTIONS The apt tool can be used to perform RPM packages upgrades: run: apt-get update after that, execute: apt-get upgrade Detailed instructions regarding the use of apt and upgrade examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at http://distro.conectiva.com.br/seguranca/chave/?idioma=en Instructions on how to check the signatures of the RPM packages can be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en All our advisories and generic update instructions can be viewed at http://distro.conectiva.com.br/atualizacoes/?idioma=en Copyright (c) 2004 Conectiva Inc. http://www.conectiva.com No talkbacks posted.   Home | Search Talkbacks | Customize View    Top of Page   Enter your comments below: * Your Name: * Your Email Address: * Subject: CC: [will also send this talkback to an E-Mail address] * Comments: Tags allowed:<I>,<B> and <U>. See our talkback-policy for more about talkback content. Fields marked with * are required!

All times are recorded in UTC. Linux is a trademark of Linus Torvalds. Powered by Linux, Apache and PHP The Network for Technology Professionals Search: About Internet.com Legal Notices, Licensing, Permissions, Privacy Policy. Advertise | Newsletters | E-mail Offers Solutions Whitepapers and eBooks Microsoft Personalized Whitepapers and Resources for You Article: Why Migrating from MySQL to SQL Server 2008 Makes Sense Articles: Build a More Agile Business with IBM Articles: IBM Offers Enhanced Measurement and Management for Energy Usage Microsoft Article: Windows 7 Features Your Clients Will Need on Day One Articles: IBM Helps Transformation to an Information-Based Enterprise Microsoft Articles: Visual Studio 2010 Adobe Article: Java Developers Finding a Home at Adobe Flex MORE WHITEPAPERS, EBOOKS, AND ARTICLES Webcasts Webcast: Connecting PHP to Microsoft Technologies Video: Windows Azure Debugging Tips MORE WEBCASTS, PODCASTS, AND VIDEOS Downloads and eKits Ready. Set. Windows 7. HP PartnerONE | SolutionsINFINITE Visit us at hp.com/partners/us Microsoft Free Trials: Windows Server 2008 R2, Exchange Server 2010 and Windows 7 Get the Windows 7 SDK Free Trial: Red Gate SQL Backup Pro 6 Iron Speed Designer Application Generator MORE DOWNLOADS, EKITS, AND FREE TRIALS Tutorials and Demos Learn Unified Communications BlackBerry Application Development Resources Learn SQL Server 2008 Learn Windows Server 2008 R2 Internet.com Hot List: Get the Inside Scoop on IT and Developer Products Learn Forefront Learn System Center All About Botnets Learn SharePoint MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES