USN-151-2: zlib vulnerabilities

23 July 2005

dpkg, ia32-libs, amd64-libs vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.04
  • Ubuntu 4.10

Software Description

Details

USN-148-1 and USN-151-1 fixed two security flaws in zlib, which could be exploited to cause Denial of Service attacks or even arbitrary code execution with malicious data streams.

Most applications use the shared library provided by the “zlib1g” package; however, some packages contain copies of the affected zlib code, so they need to be upgraded as well.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04
amd64-libs
amd64-libs-dev
dpkg
dpkg-dev
dselect
ia32-libs
ia32-libs-dev
Ubuntu 4.10
amd64-libs
amd64-libs-dev
dpkg
dpkg-dev
dselect
ia32-libs
ia32-libs-dev

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

References