Slackware: 2022-104-02: gzip Security Update | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  gzip (SSA:2022-104-02)

New gzip packages are available for Slackware 14.0, 14.1, 14.2, 15.0,
and -current to fix a security issue.


Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/gzip-1.12-i586-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  zgrep applied to a crafted file name with two or more newlines can no
  longer overwrite an arbitrary, attacker-selected file.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on https://slackware.com for
additional mirror sites near you.

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/gzip-1.12-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/gzip-1.12-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/gzip-1.12-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/gzip-1.12-x86_64-1_slack14.1.txz

Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/gzip-1.12-i586-1_slack14.2.txz

Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/gzip-1.12-x86_64-1_slack14.2.txz

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/gzip-1.12-i586-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/gzip-1.12-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/gzip-1.12-i586-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/gzip-1.12-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 14.0 package:
c86e70ea442a39ae8dee7a32f1230036  gzip-1.12-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
a0c9a1a894b407070934a0dc8389e834  gzip-1.12-x86_64-1_slack14.0.txz

Slackware 14.1 package:
7ab3e32b9b1dcceee1b7a1bf86ca7de2  gzip-1.12-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
1cdfd20648011d475ca80ba611e37262  gzip-1.12-x86_64-1_slack14.1.txz

Slackware 14.2 package:
1bf981ea0168886d730e4646c1594517  gzip-1.12-i586-1_slack14.2.txz

Slackware x86_64 14.2 package:
81ded44f47b7b3b187037a6965821679  gzip-1.12-x86_64-1_slack14.2.txz

Slackware 15.0 package:
a31fb06e50897a8943dcf8f116322171  gzip-1.12-i586-1_slack15.0.txz

Slackware x86_64 15.0 package:
6f874a71090135b097bc5837ff826746  gzip-1.12-x86_64-1_slack15.0.txz

Slackware -current package:
faa5371b6f9d755930b2cdc900772fa8  a/gzip-1.12-i586-1.txz

Slackware x86_64 -current package:
bb16131dafc5501c1e21387a0fafad37  a/gzip-1.12-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg gzip-1.12-i586-1_slack15.0.txz


+-----+

Slackware: 2022-104-02: gzip Security Update

April 14, 2022
New gzip packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/gzip-1.12-i586-1_slack15.0.txz: Upgraded. This update fixes a security issue: zgrep applied to a crafted file name with two or more newlines can no longer overwrite an arbitrary, attacker-selected file. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271 (* Security fix *)

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on https://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/gzip-1.12-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/gzip-1.12-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/gzip-1.12-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/gzip-1.12-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/gzip-1.12-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/gzip-1.12-x86_64-1_slack14.2.txz
Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/gzip-1.12-i586-1_slack15.0.txz
Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/gzip-1.12-x86_64-1_slack15.0.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/gzip-1.12-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/gzip-1.12-x86_64-1.txz

MD5 Signatures

Slackware 14.0 package: c86e70ea442a39ae8dee7a32f1230036 gzip-1.12-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: a0c9a1a894b407070934a0dc8389e834 gzip-1.12-x86_64-1_slack14.0.txz
Slackware 14.1 package: 7ab3e32b9b1dcceee1b7a1bf86ca7de2 gzip-1.12-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 1cdfd20648011d475ca80ba611e37262 gzip-1.12-x86_64-1_slack14.1.txz
Slackware 14.2 package: 1bf981ea0168886d730e4646c1594517 gzip-1.12-i586-1_slack14.2.txz
Slackware x86_64 14.2 package: 81ded44f47b7b3b187037a6965821679 gzip-1.12-x86_64-1_slack14.2.txz
Slackware 15.0 package: a31fb06e50897a8943dcf8f116322171 gzip-1.12-i586-1_slack15.0.txz
Slackware x86_64 15.0 package: 6f874a71090135b097bc5837ff826746 gzip-1.12-x86_64-1_slack15.0.txz
Slackware -current package: faa5371b6f9d755930b2cdc900772fa8 a/gzip-1.12-i586-1.txz
Slackware x86_64 -current package: bb16131dafc5501c1e21387a0fafad37 a/gzip-1.12-x86_64-1.txz

Severity
[slackware-security] gzip (SSA:2022-104-02)
New gzip packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg gzip-1.12-i586-1_slack15.0.txz

News

Advisories

HOWTOs

Features

An Enterprise’s Guide To Strengthening Linux Cloud Security
Keeping Your Private Files Private: An Introduction to GNU Privacy Guard
Complete Guide to Ethical Hacking
Authoritative Guide on Linux Disk Encryption
Linux Database Security Tips

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy