From Bugzilla Helper: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20050729 Netscape/8.0.3.3 Description of problem: 05.30.28 CVE: CAN-2005-1849 Platform: Cross Platform Title: Zlib Compression Library Decompression Denial of Service Description: The Zlib compression library is an open source library designed for fast compression and decompression of data. It is susceptible to a denial of service vulnerability. This issue is due to a failure of the library to properly handle unexpected input to its decompression routines. Various operating systems using the Zlib library are reported to be affected. Ref: http://marc.theaimsgroup.com/?l=openbsd-security-announce&m=112208705631203&w=2 Version-Release number of selected component (if applicable): How reproducible: Didn't try Additional info:
John - Can you go ahead and close this bug and mark it a duplicate of bug 162680? The CAN-2005-1849 issue has already been patched. See Bug #162680 comment 12. Oh - if you were opening this bug for RedHat 7.3, I believe RH73 uses zlib version 1.1.4, which is not vulnerable to CAN-2005-1849, AFAICT. Thanks.
*** This bug has been marked as a duplicate of 162680 ***