Debian Information for VU#368819

Double Free Bug in zlib Compression Library Corrupts malloc's Internal Data Structures



Vendor Statement

Users of Debian GNU/Linux 2.2 (potato) should upgrade to zlib version 1.1.3-5.1. More information is available at Note that a few packages which include private copies of zlib will also need to be upgraded--more information is available at the above link.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



Debian has released Debian Security Advisory DSA-122-1 to address this issue; for more information, please see