A buffer overflow issue has been found in zlib that can overflow
inflate_state.codes[ENOUGH] by 16 bytes.
It is possible to leverage this issue by creating a valid zlib stream.
This issue does not affect RHEL2.1 or RHEL3
This has been made public at least in a Debian update yesterday, so removing
embargo from the bug.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.