FreeBSD Information for VU#238678

The zlib compression library is vulnerable to a denial-of-service condition


Not Affected

Vendor Statement

The affected versions of zlib, zlib 1.2.x, have not shipped with any version of FreeBSD. The upcoming FreeBSD 5.3-RELEASE will include zlib 1.2.1, but the vulnerability has already been corrected in the FreeBSD development branch.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.