Red Hat, Inc. Information for VU#680620

zlib inflate() routine vulnerable to buffer overflow



Vendor Statement

Vendor statement; Red Hat:

This issue affected Red Hat Enterprise Linux 4. Updated packages were made available on July 6th along with our advisory at the URL below. Red
Hat Enterprise Linux 2.1 and 3 were not affected by this issue as they shipped a version of zlib not affected by this issue.

Vendor statement; Fedora Project:

Updated zlib packages are available for Fedora Core 3 and Fedora Core 4:

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



We have no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.