Debian Information for VU#368819

Double Free Bug in zlib Compression Library Corrupts malloc's Internal Data Structures

Status

Affected

Vendor Statement

Users of Debian GNU/Linux 2.2 (potato) should upgrade to zlib version 1.1.3-5.1. More information is available at http://www.debian.org/security/2002/dsa-122. Note that a few packages which include private copies of zlib will also need to be upgraded--more information is available at the above link.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

Debian has released Debian Security Advisory DSA-122-1 to address this issue; for more information, please see