|
|
Log in / Subscribe / Register

Debian alert DLA-2085-1 (zlib)



From:
              Thorsten Alteholz <debian@alteholz.de> 


To:
              debian-lts-announce@lists.debian.org 


Subject:
              [SECURITY] [DLA 2085-1] zlib security update 


Date:
              Wed, 29 Jan 2020 22:52:33 +0100 (CET)


Message-ID:
              <alpine.DEB.2.20.2001292250180.25258@jupiter.server.alteholz.net>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : zlib
Version        : 1:1.2.8.dfsg-2+deb8u1
CVE ID         : CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843


Several issues have been found in zlib, a compression library.
They are basically about improper big-endian CRC calculation, improper 
left shift of negative integers and improper pointer arithmetic.


For Debian 8 "Jessie", these problems have been fixed in version
1:1.2.8.dfsg-2+deb8u1.

We recommend that you upgrade your zlib packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl4x/qFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEd5dw//bgoCkCojOiuClXBTT6j640L1TtZjws26SOTFVhVOWMeTZnn+7QJf6hp6
zGD5SeTAnGj6NNRvW3e3Uec/sQJ1cW6HPFaTvUMaI0uaG6Y/2+NDvwonz+X5AJpd
1C7waQ9bd+uQIM2yAxlTK3Q9ZDUdSstOcwKyh42n6/BXB6S01OXyA1wBL68G4BiK
r4+XlkHkdk7zXbdt+VkN4oN+gxztLU4MX1Yt04Gc+vL6dTRsCFhB0ryFwdouRZbZ
vPVUV1iyP7g8ay0Hrhv43UrGpXX4sby+umIXYWOueC3yNdc9J4FY69dD7bTWzIVI
YrusJORGT5ZRqRI+MtOvKcbFNsXn/kTWH7+NcZWKkOaF58kiZ7Rn319cafqi2EUA
zZvOLVnAQivMzBe8RTRhglbEgsi6drA3d6RWtt1kVFKE1OlnoFEmI5FQRpNENdXY
DNmGY2s8RYZvbUPDBxCAioaJaMjZwUw4kvfeS34QN4yof720P1jEfSZD27sy0v6y
7AkPo2xxpDuTxXyGdUDm7rO3gPyGc5i0P81C2zGEuoIaUIvqIS43vhNIgiVHpjQ6
UkrtVHFJA8JniaslzEUNmqEOYB3fvTrP2lcRY880132yMj98slhCKzu2gZPfiIlP
UM9NMAdtu6SkSXOVY40TWfCb55gmnwc23NI+VRKcsUmOB3JPs5Y=
=MMsO
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds