USN-151-1: zlib vulnerability

21 July 2005

zlib vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.04
  • Ubuntu 4.10

Software Description


USN-148-1 fixed an improver input verification of zlib (CAN-2005-2096). Markus Oberhumer discovered additional ways a disrupted stream could trigger a buffer overflow and crash the application using zlib, so another update is necessary.

zlib is used by hundreds of server and client applications, so this vulnerability could be exploited to cause Denial of Service attacks to almost all services provided by an Ubuntu system.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04
Ubuntu 4.10

To update your system, please follow these instructions: