vulnerable zlib in testing?

Matthew Burgess matthew at linuxfromscratch.org
Tue Sep 14 12:09:44 PDT 2004


On Mon, 13 Sep 2004 19:42:10 -0500
Bruce Dubbs <bdubbs at swbell.net> wrote:

> Alexander E. Patrakov wrote:
> 
> > There is e.g. a "deflate" compression algorithm used for compressing
> > 
> > data in the PPP protocol. Also the jffs2, cramfs and isofs
> > filesystems 
> > support zlib compression.
> 
> Hmm.  Do you know if any of these areas are affected by the problems 
> that have been identified in zlib?

I believe the latest vulnerability is specific to 1.2.x versions of
zlib, at least that's how I read the advisory.  As the kernel uses a
variation on 1.1.3 I'd think it's not susceptible to the same bug, but
I'm no security guru so what would I know? :)

Matt.



More information about the lfs-dev mailing list