Gentoo Security Advisory GLSA 200408-26 (zlib) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 200408-26.

Solution

All zlib users should upgrade to the latest version: # emerge sync # emerge -pv '>=sys-libs/zlib-1.2.1-r3' # emerge '>=sys-libs/zlib-1.2.1-r3' You should also run revdep-rebuild to rebuild any packages that depend on older versions of zlib : # revdep-rebuild Please note that any packages which have the zlib library compiled statically will not show up using revdep-rebuild. You will need to locate those packages manually and then remerge them. http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200408-26 http://bugs.gentoo.org/show_bug.cgi?id=61749 http://www.openpkg.org/security/OpenPKG-SA-2004.038-zlib.html

Insight

The zlib library contains a Denial of Service vulnerability.

Severity

Classification

CVE CVE-2004-0797
CVSS Base Score: 2.1
AV:L/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Gentoo Security Advisory GLSA 200506-16 (cpio)
Gentoo Security Advisory GLSA 200404-07 (clamav)
Gentoo Security Advisory GLSA 200709-11 (gdm)
Gentoo Security Advisory GLSA 200411-17 (mtink)
Gentoo Security Advisory GLSA 200410-17 (openoffice)

Take action and discover your vulnerabilities