Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 568
Alerts This Week
Warning Icon 1 568

Debian: DSA 100-1 Moderate: Gzip Buffer Overflow Advisory

debian
Calendar Grey January 13, 2002
Debian Logo
Follow these steps to update your Debian system, enhancing security against the gzip buffer overflow vulnerability to maintain optimal performance and safety
GOBBLES found a buffer overflow in gzip that occurs when compressingfiles with really long filenames

Summary

Debian Security Advisory DSA 100-1 security@debian.org
Debian -- Security Information Martin Schulze
January 13th, 2002

Package : gzip
Vulnerability : Potential buffer overflow
Problem-Type : local
Debian-specific: no

GOBBLES found a buffer overflow in gzip that occurs when compressing
files with really long filenames. Even though GOBBLES claims to have
developed an exploit to take advantage of this bug, it has been said
by others that this problem is not likely to be exploitable as other
security incidents.

Additionally, the Debian version of gzip from the stable release does
not segfault, and hence does not directly inherit this problem.
However, better be safe than sorry, so we have prepared an update for
you.

Please make sure you are running an up-to-date version from
stable/unstable/testing with at least version 1.2.4-33.

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are us...

Read the Full Advisory

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.