Red Hat, Inc. Information for VU#680620

zlib inflate() routine vulnerable to buffer overflow

Status

Affected

Vendor Statement

Vendor statement; Red Hat:

This issue affected Red Hat Enterprise Linux 4. Updated packages were made available on July 6th along with our advisory at the URL below. Red
Hat Enterprise Linux 2.1 and 3 were not affected by this issue as they shipped a version of zlib not affected by this issue.

http://rhn.redhat.com/errata/RHSA-2005-569.html

Vendor statement; Fedora Project:

Updated zlib packages are available for Fedora Core 3 and Fedora Core 4:

http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00017.html
http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00016.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.