As was recently noted on bugtraq, the recent zlib update of RH seems to have
missed rpm, which is statically linked with an old implementation:
[kaboom@verdande tmp]$ ./find-zlib -v /bin/rpm
/bin/rpm: inflate version: "1.1.3 Copyright 1995-1998 Mark Adler"
/bin/rpm: deflate version: "1.1.3 Copyright 1995-1998 Jean-loup Gailly"
/bin/rpm: zlib cplens table, little endian
/bin/rpm: zlib cplext table (version 1.0.5 to 1.1.4)
/bin/rpm: zlib configuration table, little endian, 32 bit
/bin/rpm: 18 out of 18 messages
[kaboom@verdande tmp]$ rpm -qf /bin/rpm
This also applied to the RH 6.2 version of RPM!
Fixed (by linking against patched 1.1.3) in
Raw Hide in (at least) rpm-4.0.4-7x.9
As there's no known way to exercise the double
free in zlib from an rpm package, there won't
be an errata for 6x.