zlib-1.2.11-19.el8
エラータID: AXSA:2022-3921:04
リリース日:
2022/10/25 Tuesday - 14:22
題名:
zlib-1.2.11-19.el8
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- zlib の inflateGetHeader 関数には、ヒープ領域の
範囲外読み書きの問題があるため、リモートの攻撃者により、
大きな gzip ヘッダの拡張フィールドを介して、データ破壊や
クラッシュの発生に伴うサービス拒否攻撃などを可能とする
脆弱性が存在します。(CVE-2022-37434)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2022-37434
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
追加情報:
N/A
ダウンロード:
SRPMS
- zlib-1.2.11-19.el8.src.rpm
MD5: b3f1fbe60c6c524d215e66edb8f33940
SHA-256: 9f6210290313b838249bf38e4fd3da86bda84aff583a698cc9dde03b60f57874
Size: 538.16 kB
Asianux Server 8 for x86_64
- zlib-1.2.11-19.el8.x86_64.rpm
MD5: d03ef626a23cde33d2b2e0c4898c5f37
SHA-256: d151b55fee52adf2884c928a8cef948b87f5bf58f55b0668da27146b19ceddbe
Size: 101.51 kB - zlib-devel-1.2.11-19.el8.x86_64.rpm
MD5: e64223630cff13fbc94d4aba663aeafd
SHA-256: 5c326bed504d2a87961314d6238142aeffd8ce2aa06f23f5b0a5c467b6c5871c
Size: 56.70 kB - zlib-static-1.2.11-19.el8.x86_64.rpm
MD5: dd10433720755c0f2bddd3a6ef239233
SHA-256: 9b57fe3eac2e6972516feeecd8d0b6c78079cbb503404e1eee9c4ef3b4110f3d
Size: 74.86 kB - zlib-1.2.11-19.el8.i686.rpm
MD5: 758c3b3ffbc94d07a6752ade6e812bae
SHA-256: 9f68d89a51c8259709afd7790cca10c443894285315647e58df97c5a4408f532
Size: 104.05 kB - zlib-devel-1.2.11-19.el8.i686.rpm
MD5: 650381edd4b832d64ee1e935b76cc8c5
SHA-256: 2ad1bb5e64e07e814d54ff79da5e735ddd0c9378154ed7676bf5929da8a543c3
Size: 56.71 kB - zlib-static-1.2.11-19.el8.i686.rpm
MD5: fa00a1b268407b795bb091133a98de08
SHA-256: d5b3df9fa1e4b7afbc2b9646f83a321f978fdf1966845fd0b313ed36712fb6fa
Size: 78.50 kB