Bug 163038

Summary: CAN-2005-1849 zlib buffer overflow
Product: [Fedora] Fedora Reporter: Josh Bressers <bressers>
Component: zlibAssignee: Ivana Varekova <varekova>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: urgent Docs Contact:
Priority: medium    
Version: 4CC: security-response-team, walt
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: public=20050820,impact=critical,source=vendorsec,reported=20060711
Fixed In Version: 1.2.2.2-5 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-08-25 09:41:13 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 430649    

Description Josh Bressers 2005-07-12 13:50:05 UTC 
+++ This bug was initially created as a clone of Bug #163037 +++

A buffer overflow issue has been found in zlib that can overflow
inflate_state.codes[ENOUGH] by 16 bytes.

It is possible to leverage this issue by creating a valid zlib stream.
Comment 1 Josh Bressers 2005-07-12 13:51:07 UTC 
This issue also affects FC3
Comment 2 Ivana Varekova 2005-07-22 11:08:47 UTC 
Fixed versions are devel - zlib-1.2.2.2-5, fc4 - zlib-1.2.2.2-5.fc4
and fc3 - zlib-1.2.1.2-3.fc3
Comment 3 Walter Justen 2005-08-25 09:41:13 UTC 
Thanks for the bug report. This particular bug was fixed and a update package
was published for download. Please feel free to report any further bugs you find.