Package "libx32z1"
Name: |
libx32z1
|
Description: |
compression library - x32 runtime
|
Latest version: |
1:1.2.8.dfsg-2ubuntu4.3 |
Release: |
xenial (16.04) |
Level: |
updates |
Repository: |
main |
Head package: |
zlib |
Homepage: |
http://zlib.net/ |
Links
Download "libx32z1"
Other versions of "libx32z1" in Xenial
Changelog
zlib (1:1.2.8.dfsg-2ubuntu4.3) xenial-security; urgency=medium
* SECURITY UPDATE: improper pointer arithmetic might allow
context-dependent attackers to have unspecified impact
- debian/patches/CVE-2016-9840.patch: remove offset pointer optimization
in inftrees.c
- CVE-2016-9840
* SECURITY UPDATE: improper pointer arithmetic might allow
context-dependent attackers to have unspecified impact
- debian/patches/CVE-2016-9841.patch: use post-increment only in inffast.c
- CVE-2016-9841
* SECURITY UPDATE: vectors involving left shifts of negative integers might
allow context-dependent attackers to have unspecified impact
- debian/patches/CVE-2016-9842_1.patch: avoid shifts of negative values in
inflateMark()
- debian/patches/CVE-2016-9842_2.patch: avoid casting an out-of-range
value to long
- CVE-2016-9842
* SECURITY UPDATE: vectors involving big-endian CRC calculation might allow
context-dependent attackers to have unspecified impact
- debian/patches/CVE-2016-9843.patch: avoid pre-decrement of pointer in
big-endian CRC calculation
- CVE-2016-9843
-- Avital Ostromich <email address hidden> Wed, 08 Jan 2020 11:06:35 -0500
|
Source diff to previous version |
CVE-2016-9840 |
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. |
CVE-2016-9841 |
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. |
CVE-2016-9842 |
The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shi |
CVE-2016-9843 |
The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian C |
|
zlib (1:1.2.8.dfsg-2ubuntu4.1) xenial-proposed; urgency=medium
* SRU
* Move zconf.h back to /usr/include (not differing across architectures)
anymore. Closes: #787956. LP: #1512992.
-- Matthias Klose <email address hidden> Fri, 03 Mar 2017 18:31:53 +0100
|
1512992 |
package zlib1g-dev 1:1.2.8.dfsg-2ubuntu4 failed to install/upgrade: trying to overwrite '/usr/include/i386-linux-gnu/zconf.h', which is also in packa |
787956 |
lib32z1-dev: Compiling anything that includes <zlib.h> with -m32 fails - Debian Bug report logs |
|
About
-
Send Feedback to @ubuntu_updates