Fedora 41: zsync 2025-8365ba2261 critical: pointer arithmetic risk
fedora
May 23, 2025
fix zlib source path in patch file
Summary
zsync is a file transfer program. It allows you to download a file from a
remote server, where you have a copy of an older version of the file on your
computer already. zsync downloads only the new parts of the file. It uses the
same algorithm as rsync. However, where rsync is designed for synchronising
data from one computer to another within an organisation, zsync is designed for
file distribution, with one file on a server to be distributed to thousands of
downloaders. zsync requires no special server software - just a web server to
host the files - and imposes no extra load on the server, making it ideal for
large scale file distribution.
Update Information:
fix zlib source path in patch file
Change Log
* Thu May 15 2025 Tobias Girstmair
References
[ 1 ] Bug #2366424 - CVE-2025-4638 zsync: Improper Pointer Arithmetic in pcl [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2366424
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-8365ba2261' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: zsync
Product: Fedora 41
Version: 0.6.2
Release: 3.fc41
Summary: a file transfer program using the same algorithm as rsync over HTTP
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!