What Are You Looking For?

Sign Up
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Important: zlib security update
Advisory ID:       RHSA-2022:1591-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:1591
Issue date:        2022-04-26
CVE Names:         CVE-2018-25032 
====================================================================
1. Summary:

An update for zlib is now available for Red Hat Enterprise Linux 8.1 Update
Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS E4S (v. 8.1) - aarch64, ppc64le, s390x, x86_64

3. Description:

The zlib packages provide a general-purpose lossless data compression
library that is used by many different programs.

Security Fix(es):

* zlib: A flaw found in zlib v1.2.2.2 through zlib v1.2.11 when compressing
(not decompressing!) certain inputs. (CVE-2018-25032)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2067945 - CVE-2018-25032 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs

6. Package List:

Red Hat Enterprise Linux BaseOS E4S (v. 8.1):

Source:
zlib-1.2.11-11.el8_1.1.src.rpm

aarch64:
zlib-1.2.11-11.el8_1.1.aarch64.rpm
zlib-debuginfo-1.2.11-11.el8_1.1.aarch64.rpm
zlib-debugsource-1.2.11-11.el8_1.1.aarch64.rpm
zlib-devel-1.2.11-11.el8_1.1.aarch64.rpm

ppc64le:
zlib-1.2.11-11.el8_1.1.ppc64le.rpm
zlib-debuginfo-1.2.11-11.el8_1.1.ppc64le.rpm
zlib-debugsource-1.2.11-11.el8_1.1.ppc64le.rpm
zlib-devel-1.2.11-11.el8_1.1.ppc64le.rpm

s390x:
zlib-1.2.11-11.el8_1.1.s390x.rpm
zlib-debuginfo-1.2.11-11.el8_1.1.s390x.rpm
zlib-debugsource-1.2.11-11.el8_1.1.s390x.rpm
zlib-devel-1.2.11-11.el8_1.1.s390x.rpm

x86_64:
zlib-1.2.11-11.el8_1.1.i686.rpm
zlib-1.2.11-11.el8_1.1.x86_64.rpm
zlib-debuginfo-1.2.11-11.el8_1.1.i686.rpm
zlib-debuginfo-1.2.11-11.el8_1.1.x86_64.rpm
zlib-debugsource-1.2.11-11.el8_1.1.i686.rpm
zlib-debugsource-1.2.11-11.el8_1.1.x86_64.rpm
zlib-devel-1.2.11-11.el8_1.1.i686.rpm
zlib-devel-1.2.11-11.el8_1.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-25032
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYmhvttzjgjWX9erEAQiqcw/+I/QcrudnbKerJgbdQnWBCLpgQR9ceuKm
IIY9UF6aPZhNYTVhCKmF3Z05H2xiWG8laRMmFQjXKcj7arLuf7HVzOwQxKEHeYV4
K53SQpseD2+b+ZJF0mYfOMtCdOqf/ibohByGDsdJAMlpWPUYQRKkuCQvPh4n73Ib
3F0HZpGU7QttS6iy1M3cirN8s60X2Tfssrnc6E9LZGwev1T185hA42lx2wWDP3yr
JjCPHwQXz6BenvZVJSUpq0fRCtU8m/gfnIrGEjbWM2ZsptAxY1HNEn5qOZLU6tz8
4vIcDnANHC8KZxUjf7Q6FB/dJ06jiGZl2B/VQRgxOHfzrQHvzH968fBpTg1c/XDp
hlsCdohv6F3hvbPlny6lGKYZdKkSlQInzsbit2Jf71jS4/uxCJfA+ZeBEV/XAFLg
7CwPrxOsgxnYA51DZjgVvW9hWJjsLpk1iDPkdnNScCeyLJ3rdKMdADnEgcgBaV3q
nmEtMXevInPfkwTpRLRb+V5RpoR9Bj5NXZStfL/kTBtx+jbxB23P6FQG68aymzkv
O6KmRdSt9zDszcxUAe5DiDl3sY1iwjFDjtHaHGBbZFsGUgWyEEZszNQCVkNYgXqG
mgit0DD5HnaH7ZeRV8szAVHMMANhaedHevrfoI9wFPzYm6Lc9RaFzPd9YwVK8MlS
mfF7Z5yWaTc=fQDn
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2022-1591:01 Important: zlib security update

An update for zlib is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

Summary

The zlib packages provide a general-purpose lossless data compression library that is used by many different programs.
Security Fix(es):
* zlib: A flaw found in zlib v1.2.2.2 through zlib v1.2.11 when compressing (not decompressing!) certain inputs. (CVE-2018-25032)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Summary


Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

References

https://access.redhat.com/security/cve/CVE-2018-25032 https://access.redhat.com/security/updates/classification/#important

Package List

Red Hat Enterprise Linux BaseOS E4S (v. 8.1):
Source: zlib-1.2.11-11.el8_1.1.src.rpm
aarch64: zlib-1.2.11-11.el8_1.1.aarch64.rpm zlib-debuginfo-1.2.11-11.el8_1.1.aarch64.rpm zlib-debugsource-1.2.11-11.el8_1.1.aarch64.rpm zlib-devel-1.2.11-11.el8_1.1.aarch64.rpm
ppc64le: zlib-1.2.11-11.el8_1.1.ppc64le.rpm zlib-debuginfo-1.2.11-11.el8_1.1.ppc64le.rpm zlib-debugsource-1.2.11-11.el8_1.1.ppc64le.rpm zlib-devel-1.2.11-11.el8_1.1.ppc64le.rpm
s390x: zlib-1.2.11-11.el8_1.1.s390x.rpm zlib-debuginfo-1.2.11-11.el8_1.1.s390x.rpm zlib-debugsource-1.2.11-11.el8_1.1.s390x.rpm zlib-devel-1.2.11-11.el8_1.1.s390x.rpm
x86_64: zlib-1.2.11-11.el8_1.1.i686.rpm zlib-1.2.11-11.el8_1.1.x86_64.rpm zlib-debuginfo-1.2.11-11.el8_1.1.i686.rpm zlib-debuginfo-1.2.11-11.el8_1.1.x86_64.rpm zlib-debugsource-1.2.11-11.el8_1.1.i686.rpm zlib-debugsource-1.2.11-11.el8_1.1.x86_64.rpm zlib-devel-1.2.11-11.el8_1.1.i686.rpm zlib-devel-1.2.11-11.el8_1.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/


Severity
Advisory ID: RHSA-2022:1591-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1591
Issued Date: : 2022-04-26
CVE Names: CVE-2018-25032

Topic

An update for zlib is now available for Red Hat Enterprise Linux 8.1 UpdateServices for SAP Solutions.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.


Topic


 

Relevant Releases Architectures

Red Hat Enterprise Linux BaseOS E4S (v. 8.1) - aarch64, ppc64le, s390x, x86_64


Bugs Fixed

2067945 - CVE-2018-25032 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs


Related News

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Tails 5.20 Brings Latest Tor Browser, Ditches AdGuard Filter List

Nov 29, 2023

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Nov 25, 2023

How Meta Patches Linux at Hyperscale

Dec 2, 2023

News

Advisories

HOWTOs

Features

Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses

About Us

Powered By

Footer Logo