drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in zlib
Name: |
Denial of Service in zlib
|
|
ID: |
USN-151-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 4.10, Ubuntu 5.04 |
|
Datum: |
Fr, 22. Juli 2005, 13:00 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849 |
|
Applikationen: |
zlib |
|
Originalnachricht |
--===============1983714495= protocol="application/pgp-signature"; boundary="NzB8fVQJ5HfG6fxh" Content-Disposition: inline
--NzB8fVQJ5HfG6fxh Content-Disposition: inline Content-Transfer-Encoding: quoted-printable
=========================================================== Ubuntu Security Notice USN-151-1 July 21, 2005 zlib vulnerability CAN-2005-1849 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog)
The following packages are affected:
zlib1g
The problem can be corrected by upgrading the affected package to version 1:1.2.1.1-3ubuntu1.2 (for Ubuntu 4.10), or 1:1.2.2-4ubuntu1.2 (for Ubuntu 5.04).
A standard system upgrade is NOT SUFFICIENT to effect the necessary changes! If you can afford to reboot your machine, this is the easiest way to ensure that all services using this library are restarted correctly. If not, please manually restart all server applications.
Details follow:
USN-148-1 fixed an improver input verification of zlib (CAN-2005-2096). Markus Oberhumer discovered additional ways a disrupted stream could trigger a buffer overflow and crash the application using zlib, so another update is necessary.
zlib is used by hundreds of server and client applications, so this vulnerability could be exploited to cause Denial of Service attacks to almost all services provided by an Ubuntu system.
Updated packages for Ubuntu 4.10 (Warty Warthog):
Source archives:
zlib_1.2.1.1-3ubuntu1.2.diff.gz Size/MD5: 15670 c9f25a7839f5a5c103ce683213e98110 zlib_1.2.1.1-3ubuntu1.2.dsc Size/MD5: 615 3c59d27929838076fd33dbb71f8d64d3 http://security.ubuntu.com/ubuntu/pool/main/z/zlib/zlib_1.2.1.1.orig.tar.gz Size/MD5: 345935 a98b37434fb4508cb90d5606bfe8c716
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
zlib-bin_1.2.1.1-3ubuntu1.2_amd64.deb Size/MD5: 27194 3e0dd478fb932b26ae44d7b5d2b648b6 zlib1g-dev_1.2.1.1-3ubuntu1.2_amd64.deb Size/MD5: 423402 b6f656fa91f566abf059fed47b16a5bf zlib1g-udeb_1.2.1.1-3ubuntu1.2_amd64.udeb Size/MD5: 42886 91a34004dbf0f27159d0fafb29e20662 zlib1g_1.2.1.1-3ubuntu1.2_amd64.deb Size/MD5: 66610 0e38cf14dcc7fcb4f2ecce443eee1db2
i386 architecture (x86 compatible Intel/AMD)
zlib-bin_1.2.1.1-3ubuntu1.2_i386.deb Size/MD5: 24598 260d26e6f16655ad34165bc61bcd562b zlib1g-dev_1.2.1.1-3ubuntu1.2_i386.deb Size/MD5: 403864 1377635e147cbe87012ad485fe540fcc zlib1g-udeb_1.2.1.1-3ubuntu1.2_i386.udeb Size/MD5: 37378 5fe41e0adc5cc363da7df70bb542ef84 zlib1g_1.2.1.1-3ubuntu1.2_i386.deb Size/MD5: 61122 02c57d6b9c2fff96f068a3e55478a46d
powerpc architecture (Apple Macintosh G3/G4/G5)
zlib-bin_1.2.1.1-3ubuntu1.2_powerpc.deb Size/MD5: 29276 b3d70bc4dd8f602847ae6cacb757856c zlib1g-dev_1.2.1.1-3ubuntu1.2_powerpc.deb Size/MD5: 442116 f82df965fd614de3e372856611ca767c zlib1g-udeb_1.2.1.1-3ubuntu1.2_powerpc.udeb Size/MD5: 44778 cbb30266486666a2c6bada98fa0c3590 zlib1g_1.2.1.1-3ubuntu1.2_powerpc.deb Size/MD5: 68712 a8ee86ad9b5ccffb88b060745482b3c8
Updated packages for Ubuntu 5.04 (Hoary Hedgehog):
Source archives:
zlib_1.2.2-4ubuntu1.2.diff.gz Size/MD5: 15117 e6d6ecb1aa566866cdbf1514f24a9fef zlib_1.2.2-4ubuntu1.2.dsc Size/MD5: 691 958db7bd20c218a240d212d23f740e48 http://security.ubuntu.com/ubuntu/pool/main/z/zlib/zlib_1.2.2.orig.tar.gz Size/MD5: 430700 d43dabe3d374e299f2631c5fc5ce31f5
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
zlib-bin_1.2.2-4ubuntu1.2_amd64.deb Size/MD5: 28284 7f8be8ea9f1f07f0fb85a9a05d26fb80 zlib1g-dev_1.2.2-4ubuntu1.2_amd64.deb Size/MD5: 503050 ad5a80352f07abfe7b22b22171969249 zlib1g-udeb_1.2.2-4ubuntu1.2_amd64.udeb Size/MD5: 42920 437a7c8359db9540cace6c4305fd516d zlib1g_1.2.2-4ubuntu1.2_amd64.deb Size/MD5: 67868 2dd68a25dfa7803067c6b2616865367e
i386 architecture (x86 compatible Intel/AMD)
zlib-bin_1.2.2-4ubuntu1.2_i386.deb Size/MD5: 25568 be825d29e03b67083757defc390e6a42 zlib1g-dev_1.2.2-4ubuntu1.2_i386.deb Size/MD5: 483986 4ce5a8181cb12ecea1bee98d876d677f zlib1g-udeb_1.2.2-4ubuntu1.2_i386.udeb Size/MD5: 37402 8503f5c38be3a1551198a56f9d06394f zlib1g_1.2.2-4ubuntu1.2_i386.deb Size/MD5: 62416 a9db1c1d89e2b80cd0d4a7a77a41d501
powerpc architecture (Apple Macintosh G3/G4/G5)
zlib-bin_1.2.2-4ubuntu1.2_powerpc.deb Size/MD5: 30344 2294d0e743c50ecbfd2e998ddc797b06 zlib1g-dev_1.2.2-4ubuntu1.2_powerpc.deb Size/MD5: 523122 71c0cce57a9b9d33f24b05f6fa0d7177 zlib1g-udeb_1.2.2-4ubuntu1.2_powerpc.udeb Size/MD5: 44788 f78614ffae7658d92f0b58524f04909e zlib1g_1.2.2-4ubuntu1.2_powerpc.deb Size/MD5: 69998 95b5de13a5d4c9c7c2aa3962f2cd1b18
--NzB8fVQJ5HfG6fxh Content-Description: Digital signature Content-Disposition: inline
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFC33KCDecnbV4Fd/IRAgvnAJ9Zl+0z1Ofc+UYefpWyglEVVAgmaQCgmOc9 4pfPf35JNLHn4d0RPv0WmF0= =ndes -----END PGP SIGNATURE-----
--NzB8fVQJ5HfG6fxh--
--===============1983714495=MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com http://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============1983714495==--
|
|
|
|