zlib 1.2.2 released

To: vulnwatch@xxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, NTBUGTRAQ@xxxxxxxxxxxxxxxxxxxxxx
Subject: zlib 1.2.2 released
From: Mark Adler <madler@xxxxxxxxxxxxxxxxxx>
Date: Mon, 1 Nov 2004 20:32:08 -0800
In-reply-to: <1506272A-2C4F-11D9-8661-000A95820F30@xxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <1506272A-2C4F-11D9-8661-000A95820F30@xxxxxxxxxxxxxxxxxx>

(List moderators -- in the previous version of this email I sent you, Iforgot to include a link to the vulnerability, corrected below.)


Security guardians,

zlib 1.2.2 has been released, which remedies a vulnerability to adenial-of-service attack ( http://www.kb.cert.org/vuls/id/238678 ).You can get the latest release here:


    http://www.zlib.net/

Note that the "canonical" zlib site at http://www.zlib.org/ has yet tobe updated by the owner, Jean-loup Gailly, and still shows zlib 1.2.1.You should go to the above site for the latest release. My gpgsignature on the zlib-1.2.2.tar.gz is attached below.


Mark Adler


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)

iD8DBQBBYMGieD/Njli8r7oRAvHKAJ9zK6T7xrX/1pNSYAHWlyW4JRgC8gCg8omS
1EgmRUAJmthccZ3/ot8ceB0=
=1fnD
-----END PGP SIGNATURE-----

References:
- zlib 1.2.2 released
  - From: Mark Adler

Prev by Date: Re: New Whitepaper - "Second-order Code Injection Attacks"
Next by Date: MSIE <IFRAME> and <FRAME> tag NAME property bufferoverflow PoC exploit (was: python does mangleme (with IE bugs!)) (fwd)
Previous by thread: zlib 1.2.2 released
Next by thread: MDKSA-2004:117 - Updated gaim packages fix vulnerability
Index(es):
- Date
- Thread