diff options
Diffstat (limited to 'share/security/advisories/FreeBSD-SA-05:16.zlib.asc')
| -rw-r--r-- | share/security/advisories/FreeBSD-SA-05:16.zlib.asc | 103 |
1 files changed, 103 insertions, 0 deletions
diff --git a/share/security/advisories/FreeBSD-SA-05:16.zlib.asc b/share/security/advisories/FreeBSD-SA-05:16.zlib.asc new file mode 100644 index 0000000000..c26c38197b --- /dev/null +++ b/share/security/advisories/FreeBSD-SA-05:16.zlib.asc @@ -0,0 +1,103 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + +============================================================================= +FreeBSD-SA-05:16.zlib Security Advisory + The FreeBSD Project + +Topic: Buffer overflow in zlib + +Category: core +Module: libz +Announced: 2005-07-06 +Credits: Tavis Ormandy +Affects: FreeBSD 5.3, FreeBSD 5.4 +Corrected: 2005-07-06 14:01:11 UTC (RELENG_5, 5.4-STABLE) + 2005-07-06 14:01:30 UTC (RELENG_5_4, 5.4-RELEASE-p4) + 2005-07-06 14:01:52 UTC (RELENG_5_3, 5.3-RELEASE-p18) +CVE Name: CAN-2005-2096 + +For general information regarding FreeBSD Security Advisories, +including descriptions of the fields above, security branches, and the +following sections, please visit +<URL:http://www.freebsd.org/security/>. + +I. Background + +zlib is a compression library used by numerous applications to provide +data compression/decompression routines. + +II. Problem Description + +An error in the handling of corrupt compressed data streams can result +in a buffer being overflowed. + +III. Impact + +By carefully crafting a corrupt compressed data stream, an attacker can +overwrite data structures in a zlib-using application. This may cause +the application to halt, causing a denial of service; or it may result +in the attacker gaining elevated privileges. + +IV. Workaround + +No workaround is available. + +V. Solution + +Perform one of the following: + +1) Upgrade your vulnerable system to 5-STABLE, or to the RELENG_5_4 or +RELENG_5_3 security branch dated after the correction date. + +2) To patch your present system: + +The following patch has been verified to apply to FreeBSD 5.3 and 5.4 +systems. + +a) Download the relevant patch from the location below, and verify the +detached PGP signature using your PGP utility. + +# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:16/zlib.patch +# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:16/zlib.patch.asc + +b) Execute the following commands as root: + +# cd /usr/src +# patch < /path/to/patch +# cd /usr/src/lib/libz/ +# make obj && make depend && make && make install + +VI. Correction details + +The following list contains the revision numbers of each file that was +corrected in FreeBSD. + +Branch Revision + Path +- ------------------------------------------------------------------------- +RELENG_5 + src/lib/libz/inftrees.c 1.4.2.2 +RELENG_5_4 + src/UPDATING 1.342.2.24.2.13 + src/sys/conf/newvers.sh 1.62.2.18.2.9 + src/lib/libz/inftrees.c 1.4.6.1 +RELENG_5_3 + src/UPDATING 1.342.2.13.2.21 + src/sys/conf/newvers.sh 1.62.2.15.2.23 + src/lib/libz/inftrees.c 1.4.4.1 +- ------------------------------------------------------------------------- + +VII. References + +http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096 + +The latest revision of this advisory is available at +ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.1 (FreeBSD) + +iD8DBQFCy+TYFdaIBMps37IRAqB2AJ4j+wdqj1zJJZdTjskufo7rrsHhcwCgi0SZ +wXRUgGbgl/DtNzyvHi7t/bc= +=anun +-----END PGP SIGNATURE----- |