r516 - html/trunk/lfs/errata/6.1

matthew at linuxfromscratch.org matthew at linuxfromscratch.org
Thu Jul 28 12:38:12 PDT 2005

Author: matthew
Date: 2005-07-28 13:38:12 -0600 (Thu, 28 Jul 2005)
New Revision: 516

Updated zlib related errata with further information

Modified: html/trunk/lfs/errata/6.1/index.html
--- html/trunk/lfs/errata/6.1/index.html	2005-07-28 04:46:19 UTC (rev 515)
+++ html/trunk/lfs/errata/6.1/index.html	2005-07-28 19:38:12 UTC (rev 516)
@@ -9,8 +9,11 @@
         <li>A security vulnerability exists in zlib-1.2.2 whereby disrupted
-            streams can cause a buffer overflow.  Zlib-1.2.3 fixes this issue.
-            Users are strongly recommended to upgrade to Zlib-1.2.3.</li>
+            streams can cause a buffer overflow (CAN-2005-1849).  Users are
+            strongly recommended to upgrade to Zlib-1.2.3, which fixes the
+            problem.  Note that this is a different vulnerability than the one
+            addressed by the security patch in LFS-6.1 (that fixes
+            CAN-2005-2096).</li>
         <li>The command 'groups' is listed under Shadow's list of installed
             files, but it is installed by Coreutils.  Thanks to Randy McMurchy
             for the report.</li>

More information about the website mailing list