Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2005.0582 -- RHSA-2005:584-01 Important: zlib security update 22 July 2005 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: zlib Publisher: Red Hat Operating System: Red Hat Enterprise Linux AS/ES/WS 4 Red Hat Enterprise Linux Desktop 4 UNIX variants Impact: Denial of Service CVE Names: CAN-2005-2096 CAN-2005-1849 Ref: ESB-2005.0577 Original Bulletin: https://rhn.redhat.com/errata/RHSA-2005-584.html - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: zlib security update Advisory ID: RHSA-2005:584-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-584.html Issue date: 2005-07-21 Updated on: 2005-07-21 Product: Red Hat Enterprise Linux Obsoletes: RHSA-2005:569 CVE Names: CAN-2005-1849 - - --------------------------------------------------------------------- 1. Summary: Updated zlib packages that fix a buffer overflow are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Zlib is a general-purpose lossless data compression library that is used by many different programs. A previous zlib update, RHSA-2005:569 (CAN-2005-2096) fixed a flaw in zlib that could allow a carefully crafted compressed stream to crash an application. While the original patch corrected the reported overflow, Markus Oberhumer discovered additional ways a stream could trigger an overflow. An attacker could create a carefully crafted compressed stream that would cause an application to crash if the stream is opened by a user. As an example, an attacker could create a malicious PNG image file that would cause a Web browser or mail viewer to crash if the image is viewed. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CAN-2005-1849 to this issue. Note that the versions of zlib shipped with Red Hat Enterprise Linux 2.1 and 3 are not vulnerable to this issue. All users should update to these errata packages that contain a patch from Mark Adler that corrects this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 163037 - CAN-2005-1849 zlib buffer overflow 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/zlib-1.2.1.2-1.2.src.rpm 53285b12c3dd5df4124d06fb883babad zlib-1.2.1.2-1.2.src.rpm i386: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm ia64: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm 1312f81b44238af7a12e6d129c2a4214 zlib-1.2.1.2-1.2.ia64.rpm 8c33f481ebacb03cd7e4a14260ca99fe zlib-devel-1.2.1.2-1.2.ia64.rpm ppc: d9cd4122eccc130ec2a6d7c64444c3b9 zlib-1.2.1.2-1.2.ppc.rpm c2191b6f367b068c5aadad73bbf22c5c zlib-1.2.1.2-1.2.ppc64.rpm 961c16ee93912237b347328f73fa3c9b zlib-devel-1.2.1.2-1.2.ppc.rpm 235b2aec2af9595771b10218ec467635 zlib-devel-1.2.1.2-1.2.ppc64.rpm s390: 7efc2375f317b93d57d360cd4ac5a296 zlib-1.2.1.2-1.2.s390.rpm 942b1745f31f9719a6c0a8d5c7fef689 zlib-devel-1.2.1.2-1.2.s390.rpm s390x: 7efc2375f317b93d57d360cd4ac5a296 zlib-1.2.1.2-1.2.s390.rpm 2fddcbebe2083e23a16353719f241c44 zlib-1.2.1.2-1.2.s390x.rpm 942b1745f31f9719a6c0a8d5c7fef689 zlib-devel-1.2.1.2-1.2.s390.rpm 6797b66922691f00c5f6c1454c2522fe zlib-devel-1.2.1.2-1.2.s390x.rpm x86_64: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm 2888c31cba9b579a69c08fb52a6464b3 zlib-1.2.1.2-1.2.x86_64.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm 9c789749e4d9a8e051f884cc29f307aa zlib-devel-1.2.1.2-1.2.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/zlib-1.2.1.2-1.2.src.rpm 53285b12c3dd5df4124d06fb883babad zlib-1.2.1.2-1.2.src.rpm i386: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm x86_64: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm 2888c31cba9b579a69c08fb52a6464b3 zlib-1.2.1.2-1.2.x86_64.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm 9c789749e4d9a8e051f884cc29f307aa zlib-devel-1.2.1.2-1.2.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/zlib-1.2.1.2-1.2.src.rpm 53285b12c3dd5df4124d06fb883babad zlib-1.2.1.2-1.2.src.rpm i386: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm ia64: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm 1312f81b44238af7a12e6d129c2a4214 zlib-1.2.1.2-1.2.ia64.rpm 8c33f481ebacb03cd7e4a14260ca99fe zlib-devel-1.2.1.2-1.2.ia64.rpm x86_64: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm 2888c31cba9b579a69c08fb52a6464b3 zlib-1.2.1.2-1.2.x86_64.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm 9c789749e4d9a8e051f884cc29f307aa zlib-devel-1.2.1.2-1.2.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/zlib-1.2.1.2-1.2.src.rpm 53285b12c3dd5df4124d06fb883babad zlib-1.2.1.2-1.2.src.rpm i386: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm ia64: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm 1312f81b44238af7a12e6d129c2a4214 zlib-1.2.1.2-1.2.ia64.rpm 8c33f481ebacb03cd7e4a14260ca99fe zlib-devel-1.2.1.2-1.2.ia64.rpm x86_64: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm 2888c31cba9b579a69c08fb52a6464b3 zlib-1.2.1.2-1.2.x86_64.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm 9c789749e4d9a8e051f884cc29f307aa zlib-devel-1.2.1.2-1.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1849 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC3+iyXlSAg2UNWIIRAuy4AKC/6S+MgKGu1gK0fMNTWySgFXxpXwCglkBU BJqle8b0ZA+7+YBV8QSzI0U= =xI56 - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBQuA+Kih9+71yA2DNAQIuTQP+OxFuSWSphiy60DRLZJ58P755pVDwrKez Sxaf+Utm7LANEFfoDl1xysSJ6mgWFK6emDExiPqFeiuBPkY/OYUyAQgCSG6Lo6nQ COmzqqW0GDJCTe+opkUNcF0qgRrkWRcWOjAjWb0UC7hzKdPWxvzcfyEnYJX+AaJQ DFbdpUj0YpY= =rJaZ -----END PGP SIGNATURE-----