Package "zlib1g"

Name:	zlib1g
Description:	compression library - runtime
Latest version:	1:1.2.11.dfsg-2ubuntu9.2
Release:	jammy (22.04)
Level:	security
Repository:	main
Head package:	zlib
Homepage:	http://zlib.net/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "zlib1g"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "zlib1g" in Jammy

Repository	Area	Version
base	main	1:1.2.11.dfsg-2ubuntu9
updates	main	1:1.2.11.dfsg-2ubuntu9.2

Changelog

Version: 1:1.2.11.dfsg-2ubuntu9.2 2022-10-17 20:07:19 UTC

zlib (1:1.2.11.dfsg-2ubuntu9.2) jammy-security; urgency=medium * SECURITY UPDATE: heap-based buffer over-read (LP: #1988548) - debian/patches/CVE-2022-37434-1.patch: in inflate.c, add an extra condition to check if state->head->extra_max is greater than len before copying, and move the len assignment to be placed before the check. - debian/patches/CVE-2022-37434-2.patch: in the previous patch, in inflate.c, the place of the len assignment was causing issues so it was moved to be placed within the check. - CVE-2022-37434 -- Rodrigo Figueiredo Zaiden <email address hidden> Fri, 14 Oct 2022 18:33:00 -0300

1988548	Missing fix for CVE-2022-37434 in zlib1g in focal and jammy
CVE-2022-37434	zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only appl

About - Send Feedback to @ubuntu_updates

Package "zlib1g"

Links

Download "zlib1g"

Other versions of "zlib1g" in Jammy

Changelog

Share this page

Bookmarks

Latest updates

proposed

updates

security

PPA updates