Date: Tue, 12 Mar 2002 09:49:05 -0600 From: Bob Bomar <rbbomar@fly.homeunix.org> To: questions@freebsd.org Subject: Re: zLib 1.1.3 bug also applicable in FreeBSD? Message-ID: <20020312094905.C33915@fly.homeunix.org> In-Reply-To: <3C8DB005.9141D2C@phonax.com>; from rdoetjes@phonax.com on Tue, Mar 12, 2002 at 08:36:38AM %2B0100 References: <3C8DB005.9141D2C@phonax.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--zCKi3GIZzVBPywwA Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Mar 12, 2002 at 08:36:38AM +0100, Raymond Doetjes wrote: > L.S: >=20 > I don't know whether you have heard it from the Linux distro's but zlib > has a potential exploit due to the fact that alloced memory can be freed > twice. > zlib is commonly used in al kinds of compress tools, zlib-1.1.3 is also > used on FreeBSD and undoubtedly the bug is in here aswell. >=20 > Are there security advisories available and updated ports that link to > 1.1.4 instead of 1.1.3? > Does FreeBSD ports collection only do a dynamic link to zlib or also > static? >=20 > Raymond >=20 > -- > Unix Solutions http://www.phonax.com mailto:rdoetjes@phonax.com >=20 > Unix is not "just" an Operating System > Unix is a way of life >=20 > phone: (+)31 (0)30 6061361 > mobile: (+)31 (0)6 11437280 >=20 >=20 http://docs.freebsd.org/cgi/getmsg.cgi?fetch=3D50881+0+current/freebsd-secu= rity Doesnt affect FreeBSD --=20 |------------------------------------| | Bob Bomar | | rbbomar@fly.homeunix.org | | http://fly.homeunix.org/~bob | |=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D| | FreeBSD: The Power to Serve | | http://www.FreeBSD.org | |------------------------------------| --zCKi3GIZzVBPywwA Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8jiNxgRE7A1Lz3hQRAjkXAJ9b+zJHlmoEfiWTVhW98xIPDEkQxwCfRwSy GZoIyvXCUBKLZGBzkUG7m+Y= =yY8M -----END PGP SIGNATURE----- --zCKi3GIZzVBPywwA-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020312094905.C33915>