Debian DSA-797-2 : zsync - denial of service
High Nessus Plugin ID 19567
SynopsisThe remote Debian host is missing a security-related update.
Descriptionzsync, a file transfer program, includes a modified local copy of the zlib library, and is vulnerable to certain bugs fixed previously in the zlib package.
There was a build error for the sarge i386 proftpd packages released in DSA 797-1. A new build, zsync_0.3.3-1.sarge.1.2, has been prepared to correct this error. The packages for other architectures are unaffected.
SolutionUpgrade the zsync package.
The old stable distribution (woody) does not contain the zsync package.
For the stable distribution (sarge) this problem has been fixed in version 0.3.3-1.sarge.1.