[Namazu-devel-en] About gzip vulnerability
knok at daionet.gr.jp
Thu Sep 21 09:45:33 JST 2006
Multiple gzip vulnerability information was announced.
The above URLs reports about NULL pointer access, buffer overflow, and
infinity loop in gzip. Especially, buffer overflow allows stack
modification, so there is a possibility of any program execution.
Currently, there is no official patch or newest version of
gzip. However, The FreeBSD Project released the patch to fix them.
Also, many Linux distibutor and many OS vendors released fixed gzip
package. So we, Namazu Project, strongly recommend updating gzip
E-mail: knok at daionet.gr.jp
knok at namazu.org / knok at debian.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://www.namazu.org/pipermail/namazu-devel-en/attachments/20060921/9a9e6962/attachment.pgp
More information about the Namazu-devel-en