MGASA-2022-0124 - Updated zlib packages fix security vulnerability Publication date: 31 Mar 2022 URL: https://advisories.mageia.org/MGASA-2022-0124.html Type: security Affected Mageia releases: 8 CVE: CVE-2018-25032 zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. (CVE-2018-25032) Update to release 1.2.12 for additional bug fixes. See the changelog for details. References: - https://bugs.mageia.org/show_bug.cgi?id=30204 - https://www.openwall.com/lists/oss-security/2022/03/24/1 - https://www.openwall.com/lists/oss-security/2022/03/25/2 - https://www.zlib.net/ChangeLog.txt - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032 SRPMS: - 8/core/zlib-1.2.12-1.mga8
Mageia 2022-0124: zlib security update
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches
Summary
zlib before 1.2.12 allows memory corruption when deflating (i.e., when
compressing) if the input has many distant matches. (CVE-2018-25032)
Update to release 1.2.12 for additional bug fixes. See the changelog for
details.
References
- https://bugs.mageia.org/show_bug.cgi?id=30204
- https://www.openwall.com/lists/oss-security/2022/03/24/1
- https://www.openwall.com/lists/oss-security/2022/03/25/2
- https://www.zlib.net/ChangeLog.txt
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
Resolution
MGASA-2022-0124 - Updated zlib packages fix security vulnerability
SRPMS
- 8/core/zlib-1.2.12-1.mga8
Severity
Publication date: 31 Mar 2022
URL: https://advisories.mageia.org/MGASA-2022-0124.html
Type: security
CVE: CVE-2018-25032
News
HOWTOs
Features
The Benefits of Bug Bounty Programs
Complete Guide to Keylogging in Linux: Part 1
What You Need to Know about the Sysrv-K Cryptomining Botnet in Less than a Minute
Strengthen Your Linux Endpoint Security & Zero Trust Strategy with Defense-in-Depth & Endpoint Encryption
Call for Contributors with Knowledge of Linux Firewalls!
About Us
Powered By
