Fedora 42: 2025-6f6043cb99 Critical: zsync Pointer Arithmetic Fix
fedora
May 23, 2025
fix zlib source path in patch file
Summary
zsync is a file transfer program. It allows you to download a file from a
remote server, where you have a copy of an older version of the file on your
computer already. zsync downloads only the new parts of the file. It uses the
same algorithm as rsync. However, where rsync is designed for synchronising
data from one computer to another within an organisation, zsync is designed for
file distribution, with one file on a server to be distributed to thousands of
downloaders. zsync requires no special server software - just a web server to
host the files - and imposes no extra load on the server, making it ideal for
large scale file distribution.
Update Information:
fix zlib source path in patch file
Topics Covered
Change Log
* Thu May 15 2025 Tobias Girstmair
References
[ 1 ] Bug #2366435 - CVE-2025-4638 zsync: Improper Pointer Arithmetic in pcl [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2366435
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-6f6043cb99' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS 
NEXT Severity
critical
Lowest
Low
Medium
High
Critical
Name: zsync
Product: Fedora 42
Version: 0.6.2
Release: 3.fc42
Summary: a file transfer program using the same algorithm as rsync over HTTP
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!