Red Hat Inc. Information for VU#368819
Double Free Bug in zlib Compression Library Corrupts malloc's Internal Data Structures
- Vendor Information Help Date Notified: 07 Feb 2002
- Statement Date:
- Date Updated: 14 Mar 2002
Red Hat Linux ships with a zlib library that is vulnerable to this issue. Although most packages in Red Hat Linux use the shared zlib library we have identified a number of packages that either statically link to zlib or contain an internal version of the zlib code.
Updates to zlib and these packages as well as our advisory note are available from the following URL. Users of the Red Hat Network can use the up2date tool to automatically upgrade their systems.
Red Hat would like to thank CERT/CC for their help in coordinating this issue with other vendors.
The vendor has not provided us with any further information regarding this vulnerability.
Red Hat has published information regarding this vulnerability at the following locations:
If you have feedback, comments, or additional information about this vulnerability, please send us email.