USN-151-1: zlib vulnerability

21 July 2005

zlib vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.04
  • Ubuntu 4.10

Software Description

Details

USN-148-1 fixed an improver input verification of zlib (CAN-2005-2096). Markus Oberhumer discovered additional ways a disrupted stream could trigger a buffer overflow and crash the application using zlib, so another update is necessary.

zlib is used by hundreds of server and client applications, so this vulnerability could be exploited to cause Denial of Service attacks to almost all services provided by an Ubuntu system.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04
zlib1g
Ubuntu 4.10
zlib1g

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

References