openSUSE Security Update : gzip (gzip-1838)
Medium Nessus Plugin ID 44306
SynopsisThe remote openSUSE host is missing a security update.
DescriptionSpecially crafted gzip archives could lead to gzip allocating a too small huffman table. Attackers could exploit that to crash gzip (CVE-2009-2624).
Specially crafted gzip archives could trigger integer overflows.
Attackers could exploit that to crash gzip or potentially execute arbitrary code (CVE-2010-0001). Only 64bit architectures are affected by this flaw.
SolutionUpdate the affected gzip package.