Mandrake Linux Security Advisory : zlib (MDKSA-2005:124)
Medium Nessus Plugin ID 19885
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionA previous zlib update (MDKSA-2005:112; CVE-2005-2096) fixed an overflow flaw in the zlib program. While that update did indeed fix the reported overflow issue, Markus Oberhumber discovered additional ways that a specially crafted compressed stream could trigger an overflow. An attacker could create such a stream that would cause a linked application to crash if opened by a user.
The updated packages are provided to protect against this flaw. The Corporate Server 2.1 product is not affected by this vulnerability.
SolutionUpdate the affected zlib1 and / or zlib1-devel packages.