[SECURITY] [DLA 2085-1] zlib security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 2085-1] zlib security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Wed, 29 Jan 2020 22:52:33 +0100 (CET)
Message-id: <[🔎] alpine.DEB.2.20.2001292250180.25258@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : zlib
Version        : 1:1.2.8.dfsg-2+deb8u1
CVE ID         : CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843


Several issues have been found in zlib, a compression library.

They are basically about improper big-endian CRC calculation, improperleft shift of negative integers and improper pointer arithmetic.



For Debian 8 "Jessie", these problems have been fixed in version
1:1.2.8.dfsg-2+deb8u1.

We recommend that you upgrade your zlib packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl4x/qFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEd5dw//bgoCkCojOiuClXBTT6j640L1TtZjws26SOTFVhVOWMeTZnn+7QJf6hp6
zGD5SeTAnGj6NNRvW3e3Uec/sQJ1cW6HPFaTvUMaI0uaG6Y/2+NDvwonz+X5AJpd
1C7waQ9bd+uQIM2yAxlTK3Q9ZDUdSstOcwKyh42n6/BXB6S01OXyA1wBL68G4BiK
r4+XlkHkdk7zXbdt+VkN4oN+gxztLU4MX1Yt04Gc+vL6dTRsCFhB0ryFwdouRZbZ
vPVUV1iyP7g8ay0Hrhv43UrGpXX4sby+umIXYWOueC3yNdc9J4FY69dD7bTWzIVI
YrusJORGT5ZRqRI+MtOvKcbFNsXn/kTWH7+NcZWKkOaF58kiZ7Rn319cafqi2EUA
zZvOLVnAQivMzBe8RTRhglbEgsi6drA3d6RWtt1kVFKE1OlnoFEmI5FQRpNENdXY
DNmGY2s8RYZvbUPDBxCAioaJaMjZwUw4kvfeS34QN4yof720P1jEfSZD27sy0v6y
7AkPo2xxpDuTxXyGdUDm7rO3gPyGc5i0P81C2zGEuoIaUIvqIS43vhNIgiVHpjQ6
UkrtVHFJA8JniaslzEUNmqEOYB3fvTrP2lcRY880132yMj98slhCKzu2gZPfiIlP
UM9NMAdtu6SkSXOVY40TWfCb55gmnwc23NI+VRKcsUmOB3JPs5Y=
=MMsO
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 2084-1] graphicsmagick security update
Next by Date: [SECURITY] [DLA 2086-1] wget security update
Previous by thread: [SECURITY] [DLA 2084-1] graphicsmagick security update
Next by thread: [SECURITY] [DLA 2086-1] wget security update
Index(es):
- Date
- Thread