bugzilla-daemon at mindrot.org
2005-Jul-27 06:38 UTC
[Bug 1063] Checking for zlib version 1.2.3
http://bugzilla.mindrot.org/show_bug.cgi?id=1063 Summary: Checking for zlib version 1.2.3 Product: Portable OpenSSH Version: -current Platform: All URL: http://www.zlib.net/ OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Build system AssignedTo: bitbucket at mindrot.org ReportedBy: senthilkumar_sen at hotpop.com The OpenSSH currently checks for zlib version 1.2.1.2 or up. But a buffer overflow vulnerability exists in 1.2.x series versions 1.2.2 and below, the fix is available in zlib version 1.2.3. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2005-Jul-27 06:43 UTC
[Bug 1063] Checking for zlib version 1.2.3
http://bugzilla.mindrot.org/show_bug.cgi?id=1063 ------- Additional Comments From senthilkumar_sen at hotpop.com 2005-07-27 16:43 ------- Created an attachment (id=943) --> (http://bugzilla.mindrot.org/attachment.cgi?id=943&action=view) Patch to make configure to exit on vulnerable Zlib version The attached patch against current snapshot makes the configure script to exit on vulnerable Zlib version. Please let me know if there are any comments. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2005-Jul-27 08:47 UTC
[Bug 1063] Checking for zlib version 1.2.3
http://bugzilla.mindrot.org/show_bug.cgi?id=1063 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Additional Comments From dtucker at zip.com.au 2005-07-27 18:47 ------- Thanks, but it's a couple of days late :-) From ChangeLog: 20050725 - (dtucker) [configure.ac] Update zlib version check for CAN-2005-2096. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Seemingly Similar Threads
- [Bug 1032] PrintLastLog is not working with UseLogin yes
- [Bug 1083] Disable login for locked account
- [Bug 1058] Updating protected password database in HP-UX
- [Bug 980] sshd does not write the session leader pid to utmp when priv-separation is enabled
- [Bug 1029] SIGTERM and cleanup of wtmp files