Description of Problem: A security hole in the widely used Macromedia Shockwave Flash file format used with Web browsers can allow an attacker to execute code of their choice on affected systems, according to a new security alert released Friday by eEye Digital Security. http://idg.net/ic_933538_1794_9-10000.html Version-Release number of selected component (if applicable): How Reproducible: Steps to Reproduce: 1. 2. 3. Actual Results: Expected Results: Additional Information:
I'd rather get a fixed-for-zlib netscape to go out with this...
Netscape have said that the zlib they use is old and not vulnerable to the double free issue (the zlib in the plugins is vulnerable however)
An errata has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2003-026.html