zlib-1.2.3 fixes security vulnerabilities in LFS-6.1

Matthew Burgess matthew at linuxfromscratch.org
Wed Jul 27 14:01:21 PDT 2005


Hi folks,

The security patch used in LFS-6.1 fixed an input verification problem 
in zlib (CAN-2005-2096).  However, additional ways that a disrupted 
stream could cause a buffer overflow and crash an application that uses 
zlib were found by Markus Oberhumer.  It is therefore recommended that 
zlib be upgraded to 1.2.3 in order to fix the problem.

Regards,

Matt.



More information about the lfs-security mailing list