-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3103-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort September 12, 2022 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : zlib Version : 1:1.2.11.dfsg-1+deb10u2 CVE ID : CVE-2022-37434 Debian Bug : 1016710 Evgeny Legerov reported a heap-based buffer overflow vulnerability in the inflate operation in zlib, which could result in denial of service or potentially the execution of arbitrary code if specially crafted input is processed. For Debian 10 buster, this problem has been fixed in version 1:1.2.11.dfsg-1+deb10u2. We recommend that you upgrade your zlib packages. For the detailed security status of zlib please refer to its security tracker page at: https://security-tracker.debian.org/tracker/zlib Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmMe9UUACgkQnUbEiOQ2 gwK6ORAAgGpOsTxboQxmXobpCrLhdibPu4iUbIeXDheNbOSDtHGe6oL0cJVHfrjW jEIUEaQPpWuJEqPDj/X0ux/9Wsyy7F3eOyHkJh14q39o91fmb/eP444kUsJh6GG3 hJxf0SbdK79kknKAo8Jpn308akG77+Vqsz4364YCXPNNuCzrxl/bQRQM0+A+JAMT WjOJ4exSQ0WnCSQhMQQYkpqAAOc0A42/p+Jz4QiRzQk0QSnpE07JoywfFVE9WBAV T9jkiZ+5FtDFXEcSL0mTMG7xsCPWFxICyyjK2iVedScVBaawzIZfNxU9kwxT4Tp0 O6qFQ+pFof/Okld2AKZF7YwB0HpcpkKpPyQuSEQhq7lpbnhIrhcrK4kIp0cRLFTn k7KXJbOlHDfNjX55dHbJTj4LCHWhF+fpxQ2VUdohYKc+U3Ta6GvMl8xJBqiRt6W7 ba9HUX97Z2bFMlDBQrUVPpeDsllRmq3DPVqcG0p6NuIHa7esn+vMcZtgPRJv5SAE qdugdn82H+MVoig37ixZ2Mvtv/EWGworYHdiJmly2ey11oYoTTh3b5rcxakjbchm ++fLDpaZmvIRuMoVWIPZMJdtMcpeMhhWtP0/7LJAZ/IHYa8NOhJAqmh4nMBmYkMg x1ivcfQMdbsOrZO2LUdwe8j1lV1ryBmQbhf53hY6x2TM1dEN7eQ= =ZCQ1 -----END PGP SIGNATURE-----
