[SSA:2022-087-01] zlib
New zlib packages are available for Slackware 14.0, 14.1, 14.2, 15.0,
and -current to fix a security issue.
Here are the details from the Slackware 15.0 ChangeLog
patches/packages/zlib-1.2.12-i586-1_slack15.0.txz: Upgraded.
This update fixes memory corruption when deflating (i.e., when compressing)
if the input has many distant matches. Thanks to marav.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
(* Security fix *)
Where to find the new packages
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.
Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/zlib-1.2.12-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/zlib-1.2.12-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/zlib-1.2.12-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/zlib-1.2.12-x86_64-1_slack14.1.txz
Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/zlib-1.2.12-i586-1_slack14.2.txz
Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/zlib-1.2.12-x86_64-1_slack14.2.txz
Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/zlib-1.2.12-i586-1_slack15.0.txz
Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/zlib-1.2.12-x86_64-1_slack15.0.txz
Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/zlib-1.2.12-i586-1.txz
Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/zlib-1.2.12-x86_64-1.txz
MD5 signatures
Slackware 14.0 package:
84d34ceac36074f4aefef1a4506eda84 zlib-1.2.12-i486-1_slack14.0.txz
Slackware x86_64 14.0 package:
c05bbd8322ef16e303d21bdc8ac872da zlib-1.2.12-x86_64-1_slack14.0.txz
Slackware 14.1 package:
dd01b2ea39fd9b2aac90295b4660bf6d zlib-1.2.12-i486-1_slack14.1.txz
Slackware x86_64 14.1 package:
2a93485e325a3e77c664b499a652d101 zlib-1.2.12-x86_64-1_slack14.1.txz
Slackware 14.2 package:
bf800bb336dbe9539977098ad0d9572d zlib-1.2.12-i586-1_slack14.2.txz
Slackware x86_64 14.2 package:
0e6317f37d2277571f0fdea627a867ff zlib-1.2.12-x86_64-1_slack14.2.txz
Slackware 15.0 package:
fd24bfd4f6bb0e539c64e3fd321afeef zlib-1.2.12-i586-1_slack15.0.txz
Slackware x86_64 15.0 package:
790c2e7f6c28158d7d0edb3c4a5dd525 zlib-1.2.12-x86_64-1_slack15.0.txz
Slackware -current package:
bea1a8263ae03aea4acbe4b04921cfd8 l/zlib-1.2.12-i586-1.txz
Slackware x86_64 -current package:
9ccfb193238e66b016fdcd4702285c05 l/zlib-1.2.12-x86_64-1.txz
Installation instructions
Upgrade the package as root:
# upgradepkg zlib-1.2.12-i586-1_slack15.0.txz
- ID
- SSA:2022-087-01
- Severity
- high
- Severity from
- CVE-2018-25032
- URL
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2022&m=slackware-security.457790
- Published
-
2022-03-28T19:37:07
(2 years ago) - Modified
-
2022-03-28T19:37:07
(2 years ago) - Rights
- Slackware Linux Security Team
- Other Advisories
-
- ALAS-2022-1602
- ALAS-2022-1640
- ALAS2-2022-1772
- ALPINE:CVE-2018-25032
- ALSA-2022:1642
- ALSA-2022:2201
- ALSA-2022:7813
- ASA-202204-3
- DSA-5111-1
- ELSA-2022-1642
- ELSA-2022-2201
- ELSA-2022-2213
- ELSA-2022-4584
- ELSA-2022-4592
- ELSA-2022-8420
- ELSA-2022-9565
- FEDORA-2022-12b89e2aad
- FEDORA-2022-3a92250fd5
- FEDORA-2022-413a80a102
- FEDORA-2022-61cf1c64f6
- FEDORA-2022-b58a85e167
- FEDORA-2022-dbd2935e44
- FREEBSD:36D10AF7-248D-11ED-856E-D4C9EF517024
- FREEBSD:38F2E3A0-B61E-11EC-9EBC-1C697AA5A594
- FREEBSD:8E150606-08C9-11ED-856E-D4C9EF517024
- GLSA-202210-42
- GLSA-202405-22
- MS:CVE-2018-25032
- openSUSE-SU-2022:1061-1
- RHSA-2022:1642
- RHSA-2022:2201
- RHSA-2022:2213
- RHSA-2022:4584
- RHSA-2022:4592
- RHSA-2022:7813
- RHSA-2022:8420
- RLSA-2022:1642
- RLSA-2022:2201
- RUBYSEC:NOKOGIRI-2018-25032
- SSA:2022-228-01
- SUSE-SU-2022:1023-1
- SUSE-SU-2022:1043-1
- SUSE-SU-2022:1061-1
- SUSE-SU-2022:1061-2
- SUSE-SU-2022:1062-1
- SUSE-SU-2022:3225-1
- USN-5355-1
- USN-5355-2
- USN-5359-1
- USN-5359-2
- USN-5739-1
- USN-6736-1
- USN-6736-2
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:slackbuild/slackware/zlib?arch=x86_64&distro=slackware64-current | slackware | zlib | < 1.2.12 | slackware64-current | x86_64 | |
Affected | pkg:slackbuild/slackware/zlib?arch=x86_64&distro=slackware64-15.0 | slackware | zlib | < 1.2.12 | slackware64-15.0 | x86_64 | |
Affected | pkg:slackbuild/slackware/zlib?arch=x86_64&distro=slackware64-14.2 | slackware | zlib | < 1.2.12 | slackware64-14.2 | x86_64 | |
Affected | pkg:slackbuild/slackware/zlib?arch=x86_64&distro=slackware64-14.1 | slackware | zlib | < 1.2.12 | slackware64-14.1 | x86_64 | |
Affected | pkg:slackbuild/slackware/zlib?arch=x86_64&distro=slackware64-14.0 | slackware | zlib | < 1.2.12 | slackware64-14.0 | x86_64 | |
Affected | pkg:slackbuild/slackware/zlib?arch=i586&distro=slackware-current | slackware | zlib | < 1.2.12 | slackware-current | i586 | |
Affected | pkg:slackbuild/slackware/zlib?arch=i586&distro=slackware-15.0 | slackware | zlib | < 1.2.12 | slackware-15.0 | i586 | |
Affected | pkg:slackbuild/slackware/zlib?arch=i586&distro=slackware-14.2 | slackware | zlib | < 1.2.12 | slackware-14.2 | i586 | |
Affected | pkg:slackbuild/slackware/zlib?arch=i486&distro=slackware-14.1 | slackware | zlib | < 1.2.12 | slackware-14.1 | i486 | |
Affected | pkg:slackbuild/slackware/zlib?arch=i486&distro=slackware-14.0 | slackware | zlib | < 1.2.12 | slackware-14.0 | i486 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |