Fedora Core 5: 2006-989 Critical: Gzip Buffer Overflow Issues

The gzip package contains the popular GNU gzip data compression

program. Gzipped files have a .gz extension.

Gzip should be installed on your Red Hat Linux system, because it is a

very commonly used data compression program.

- fix bug 204676 (patches by Tavis Ormandy)

- cve-2006-4334 - null dereference problem

- cve-2006-4335 - buffer overflow problem

- cve-2006-4336 - buffer underflow problem

- cve-2006-4338 - infinite loop problem

- cve-2006-4337 - buffer overflow problem

058b352c889d357d2f369d8358643b16820c5e22 SRPMS/gzip-1.3.5-7.fc5.src.rpm

058b352c889d357d2f369d8358643b16820c5e22 noarch/gzip-1.3.5-7.fc5.src.rpm

a9679679039bf6a7646dc18ab267b87a905aee4d ppc/debug/gzip-debuginfo-1.3.5-7.fc5.ppc.rpm

e9199ea8e46e2e3ead27eae3a1159f4fb47c8d1a ppc/gzip-1.3.5-7.fc5.ppc.rpm

cc837290ccd3b1427d0121cc668fdf4e282e39f3 x86_64/debug/gzip-debuginfo-1.3.5-7.fc5.x86_64.rpm

d7a7b184f5b98b58ea680fe49414b5b4f88b4ac4 x86_64/gzip-1.3.5-7.fc5.x86_64.rpm

a9450c087c726cb7dba45c97a2507706057a3d84 i386/debug/gzip-debuginfo-1.3.5-7.fc5.i386.rpm

7c1a6092d74f53916a9046c118a25b386993212e i386/gzip-1.3.5-7.fc5.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/