Package "lib64z1"
Name: |
lib64z1
|
Description: |
compression library - 64 bit runtime
|
Latest version: |
1:1.2.8.dfsg-2ubuntu4.3 |
Release: |
xenial (16.04) |
Level: |
security |
Repository: |
main |
Head package: |
zlib |
Homepage: |
http://zlib.net/ |
Links
Download "lib64z1"
Other versions of "lib64z1" in Xenial
Changelog
zlib (1:1.2.8.dfsg-2ubuntu4.3) xenial-security; urgency=medium
* SECURITY UPDATE: improper pointer arithmetic might allow
context-dependent attackers to have unspecified impact
- debian/patches/CVE-2016-9840.patch: remove offset pointer optimization
in inftrees.c
- CVE-2016-9840
* SECURITY UPDATE: improper pointer arithmetic might allow
context-dependent attackers to have unspecified impact
- debian/patches/CVE-2016-9841.patch: use post-increment only in inffast.c
- CVE-2016-9841
* SECURITY UPDATE: vectors involving left shifts of negative integers might
allow context-dependent attackers to have unspecified impact
- debian/patches/CVE-2016-9842_1.patch: avoid shifts of negative values in
inflateMark()
- debian/patches/CVE-2016-9842_2.patch: avoid casting an out-of-range
value to long
- CVE-2016-9842
* SECURITY UPDATE: vectors involving big-endian CRC calculation might allow
context-dependent attackers to have unspecified impact
- debian/patches/CVE-2016-9843.patch: avoid pre-decrement of pointer in
big-endian CRC calculation
- CVE-2016-9843
-- Avital Ostromich <email address hidden> Wed, 08 Jan 2020 11:06:35 -0500
|
CVE-2016-9840 |
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. |
CVE-2016-9841 |
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. |
CVE-2016-9842 |
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shi |
CVE-2016-9843 |
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian C |
|
About
-
Send Feedback to @ubuntu_updates