Skip to navigation

Security Advisory Vulnerability in zlib library

Advisory: RHSA-2002:026-49
Type: Security Advisory
Severity: N/A
Issued on: 2002-02-11
Last updated on: 2002-05-13
Affected Products: Red Hat Linux 6.2
Red Hat Linux 7.0
Red Hat Linux 7.1
Red Hat Linux 7.2
CVEs (cve.mitre.org): CVE-2002-0059
CVE-2002-0080
CVE-2002-0092

Details

[Update 20 Mar 2002:
Added kernel packages for Red Hat Linux 6.2 on sparc64. Updated VNC
packages as the previous fix caused another denial of service
vulnerability; thanks to Const Kaplinsky for reporting this]

[Update 14 Mar 2002:
Updated kernel packages for Red Hat Linux 6.2 and 7.0 which were missing
the zlib fix; added missing kernel-headers package for 6.2.]

The zlib library provides in-memory compression/decompression
functions. The library is widely used throughout Linux and other
operating
systems.

While performing tests on the gdk-pixbuf library, Matthias Clasen created
an invalid PNG image that caused libpng to crash. Upon further
investigation, this turned out to be a bug in zlib 1.1.3 where certain
types of input will cause zlib to free the same area of memory twice
(called a "double free").

This bug can be used to crash any program that takes untrusted
compressed input. Web browsers or email programs that
display image attachments or other programs that uncompress data are
particularly affected. This vulnerability makes it easy to perform
various
denial-of-service attacks against such programs.

It is also possible that an attacker could manage a more significant
exploit, since the result of a double free is the corruption of the
malloc() implementation's data structures. This could include running
arbitrary code on local or remote systems.

Most packages in Red Hat Linux use the shared zlib library and can be
protected against vulnerability by updating to the errata zlib
package. However, we have identified a number of packages in Red Hat
Linux that either statically link to zlib or contain an internal
version of zlib code.

Although no exploits for this issue or these packages are currently
known to exist, this is a serious vulnerability which could be
locally or remotely exploited. All users should upgrade affected packages
immediately.

Additionally, if you have any programs that you have compiled yourself,
you should check to see if they use zlib. If they link to the shared
zlib library then they will not be vulnerable once the shared zlib
library is updated to the errata package. However, if any programs that
decompress arbitrary data statically link to zlib or use their own
version
of the zlib code internally, then they need to be patched or
recompiled.

The following details apply to the main Red Hat Linux distribution
only. Please see advisory RHSA-2002:027 for Powertools packages.

cvs: cvs is a version control system. The cvs package has been rebuilt to
link against the shared system zlib instead of the internal version.

Additionally, cvs has been updated to version 1.11.1p1 for Red Hat Linux
6.2, 7.0 and 7.1 which also corrects a possible security vulnerability due
to an improperly initialized global variable. (CAN-2002-0092)

dump: The dump package contains programs for backing up and restoring
filesystems. It links statically to zlib and has been rebuilt
against the errata zlib package. Red Hat Linux 7, 7.1, and 7.2
packages have also been upgraded to dump-0.4b25, which includes
many non-security fixes.

gcc3: The gcc3 package contains the GNU Compiler Collection version
3.0. It has been updated to version 3.0.4 and patched to link against
the system zlib instead of the internal version.

libgcj: The libgcj package includes the Java runtime library, which is
needed to run Java programs compiled using the gcc Java compiler
(gcj). libgcj has been patched to use the shared system zlib.

kernel: The Linux kernel internally contains several variants of zlib
code. However, ppp compression is the only implementation that is used with
untrusted data streams. This issue has been patched. New kernel errata
packages are included for Red Hat Linux 6.2 and 7.

Users of Red Hat Linux 7.1, or 7.2 should update to the currently
released kernel errata RHSA-2002-028 (2.4.9-31) which already contains this
fix.

Netscape Navigator: Users are advised to obtain an update from Netscape.

rsync: rsync is a program for synchronizing files over a network.
rsync uses a modified version of zlib internally. These errata
packages patch this internal version of zlib.

The rsync update package also fixes another security issue where rsync did
not call setgroups() before dropping the privileges of the connecting user.
Hence, it is possible for users to retain the group IDs of any supplemental
groups that rsync was started in (for example, supplementary groups of the
root user), allowing users to access files they may not otherwise be able
to access. Thanks to Martin Pool and Andrew Tridgell for alerting us to
this issue. CAN-2002-0080.

VNC: VNC is a remote display system in Powertools 6.2. VNC has been
patched to use the system zlib library.

In addition, there is a small HTTP server implementation in the VNC server
which can be made to wait indefinitely for input, thereby freezing an
active VNC session. The VNC packages recommended by this advisory have
been patched to fix this issue. Users of VNC should be aware that the
program is designed for use on a trusted network.

zlib: The zlib library has been updated with a patch to fix the
aforementioned vulnerability.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains
the desired RPMs.

The procedure for upgrading the kernel is documented at:

http://www.redhat.com/support/docs/howto/kernel-upgrade/

Please read the directions for your architecture carefully before
proceeding with the kernel upgrade.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

Red Hat Linux 6.2

SRPMS:
cvs-1.11.1p1-6.2.src.rpm
File outdated by:  RHSA-2003:012
    MD5: 8e02d134a33ac295dbd5106493fdda97
ftp://updates.redhat.com/rhn/repository/NULL/dump/0.4b19-5.6x.1/SRPMS/dump-0.4b19-5.6x.1.src.rpm
Missing file
    MD5: 131b26079de78c6f0cac8b26a31113a7
kernel-2.2.19-6.2.16.src.rpm
File outdated by:  RHSA-2003:088
    MD5: 26938884ef0e062068578b4b303537e5
ftp://updates.redhat.com/rhn/repository/NULL/rsync/2.4.6-3.6/SRPMS/rsync-2.4.6-3.6.src.rpm
Missing file
    MD5: 01bcbc0059c5b502005ce06a5ef19160
ftp://updates.redhat.com/rhn/repository/NULL/zlib/1.1.3-25.6/SRPMS/zlib-1.1.3-25.6.src.rpm
Missing file
    MD5: b4e8df9d2506d9ae64c720f55a0bce59
 
Alpha:
ftp://updates.redhat.com/rhn/repository/NULL/cvs/1.11.1p1-6.2/alpha/cvs-1.11.1p1-6.2.alpha.rpm
Missing file
    MD5: f727e1db9a1dd6dab65770f8debf1492
ftp://updates.redhat.com/rhn/repository/NULL/dump/0.4b19-5.6x.1/alpha/dump-0.4b19-5.6x.1.alpha.rpm
Missing file
    MD5: 632bf922df6f841683fbe3e83c374f74
ftp://updates.redhat.com/rhn/repository/NULL/dump-static/0.4b19-5.6x.1/alpha/dump-static-0.4b19-5.6x.1.alpha.rpm
Missing file
    MD5: 922165e41e0bc5f65e082cc7094a9077
kernel-2.2.19-6.2.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: 4e2f91caeba1058e1fc808a718933b9f
kernel-BOOT-2.2.19-6.2.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: 94d26771719d8a50150583336dd6ec9c
kernel-doc-2.2.19-6.2.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: eb3db443f4f7549681c85754711fb07e
kernel-enterprise-2.2.19-6.2.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: d3a495769695e91d4cbd58d4e4a0c8e7
kernel-headers-2.2.19-6.2.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: 3f799957695505ce197b7b85acace001
kernel-jensen-2.2.19-6.2.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: c5f219d1399b12d8259dc0771780a366
kernel-smp-2.2.19-6.2.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: 4455c82f09277fe0e8094a05d1b231ff
kernel-source-2.2.19-6.2.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: aa2f2edf1d0eb7818d7fa94d09d2952b
kernel-utils-2.2.19-6.2.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: 7eb85e25a685628cd6795a452036ccd5
ftp://updates.redhat.com/rhn/repository/NULL/rmt/0.4b19-5.6x.1/alpha/rmt-0.4b19-5.6x.1.alpha.rpm
Missing file
    MD5: e0c7f2d151e3d15c18913c090ecc316a
ftp://updates.redhat.com/rhn/repository/NULL/rsync/2.4.6-3.6/alpha/rsync-2.4.6-3.6.alpha.rpm
Missing file
    MD5: 863716a131bf5d87a16e458e69609d0a
ftp://updates.redhat.com/rhn/repository/NULL/zlib/1.1.3-25.6/alpha/zlib-1.1.3-25.6.alpha.rpm
Missing file
    MD5: 8e1e3754359de96f9b719a3d6329fb44
ftp://updates.redhat.com/rhn/repository/NULL/zlib-devel/1.1.3-25.6/alpha/zlib-devel-1.1.3-25.6.alpha.rpm
Missing file
    MD5: 8c479f77bd3148966031355912bf2647
 
IA-32:
cvs-1.11.1p1-6.2.i386.rpm
File outdated by:  RHSA-2003:012
    MD5: 50599253cc0ace39a04b7c4a95d5febb
ftp://updates.redhat.com/rhn/repository/NULL/dump/0.4b19-5.6x.1/i386/dump-0.4b19-5.6x.1.i386.rpm
Missing file
    MD5: 8ac9e87a40bdbc02c958e0a5acdbee5c
ftp://updates.redhat.com/rhn/repository/NULL/dump-static/0.4b19-5.6x.1/i386/dump-static-0.4b19-5.6x.1.i386.rpm
Missing file
    MD5: b2c4b6147e6fd29c6b4b7b00a21eebaa
kernel-2.2.19-6.2.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: dbe20cc5b591ae397889e605c078d9f3
kernel-2.2.19-6.2.16.i586.rpm
File outdated by:  RHSA-2003:088
    MD5: a27e8e713a6d4906daf25e227905b23b
kernel-2.2.19-6.2.16.i686.rpm
File outdated by:  RHSA-2003:088
    MD5: 8a49ce00bca307ecd00f4306d6e6f6eb
kernel-BOOT-2.2.19-6.2.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 7eef56265c3424fc85baaaa842cfe421
kernel-doc-2.2.19-6.2.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: e9e980629440b46c7ec43088b2278051
kernel-enterprise-2.2.19-6.2.16.i686.rpm
File outdated by:  RHSA-2003:088
    MD5: e27dbb30c5bd401df964906f569969fa
kernel-headers-2.2.19-6.2.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: fa612845e970444fe2dc10ef540c3ad3
kernel-ibcs-2.2.19-6.2.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: f9bc4d463526c982b05abbe583913937
kernel-pcmcia-cs-2.2.19-6.2.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 54458dfeb1fcf0c4e3a388522832eba5
kernel-smp-2.2.19-6.2.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: c35659407f1ea0b47abd5dc4b171a3a8
kernel-smp-2.2.19-6.2.16.i586.rpm
File outdated by:  RHSA-2003:088
    MD5: fcd539d8264feac26e97c4ba4df1bb0e
kernel-smp-2.2.19-6.2.16.i686.rpm
File outdated by:  RHSA-2003:088
    MD5: 53f3f291a33c64f9df58074443406d8d
kernel-source-2.2.19-6.2.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: cfc3af77f316c662e7c4f3bc6e18f871
kernel-utils-2.2.19-6.2.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 3511ba7f5472685129dcea83ecc91fe9
ftp://updates.redhat.com/rhn/repository/NULL/rmt/0.4b19-5.6x.1/i386/rmt-0.4b19-5.6x.1.i386.rpm
Missing file
    MD5: d02d195b4adde793a74da493016a2f6a
ftp://updates.redhat.com/rhn/repository/NULL/rsync/2.4.6-3.6/i386/rsync-2.4.6-3.6.i386.rpm
Missing file
    MD5: e9762ff858e4dd4d48fc1b5418681e19
ftp://updates.redhat.com/rhn/repository/NULL/zlib/1.1.3-25.6/i386/zlib-1.1.3-25.6.i386.rpm
Missing file
    MD5: d3e7293df89d9e74cea78e2556cb6ea4
ftp://updates.redhat.com/rhn/repository/NULL/zlib-devel/1.1.3-25.6/i386/zlib-devel-1.1.3-25.6.i386.rpm
Missing file
    MD5: c53b34ee09b9f44a346a144f80b81bd7
 
Sparc:
ftp://updates.redhat.com/rhn/repository/NULL/cvs/1.11.1p1-6.2/sparc/cvs-1.11.1p1-6.2.sparc.rpm
Missing file
    MD5: 0a73be9de7eef6df86f9a6231ce84250
ftp://updates.redhat.com/rhn/repository/NULL/dump/0.4b19-5.6x.1/sparc/dump-0.4b19-5.6x.1.sparc.rpm
Missing file
    MD5: 4743fc86588f8d2550a94133b1b70526
ftp://updates.redhat.com/rhn/repository/NULL/dump-static/0.4b19-5.6x.1/sparc/dump-static-0.4b19-5.6x.1.sparc.rpm
Missing file
    MD5: 9c0119c1a0e461ffe1437a4bd44aacd6
ftp://updates.redhat.com/rhn/repository/NULL/kernel/2.2.19-6.2.16/sparc/kernel-2.2.19-6.2.16.sparc.rpm
Missing file
    MD5: 98cdb3e13f4be71fdd7a63c0e532aef9
ftp://updates.redhat.com/rhn/repository/NULL/kernel/2.2.19-6.2.16/sparc64/kernel-2.2.19-6.2.16.sparc64.rpm
Missing file
    MD5: 1d2e1c234b632902fd29521816e6a550
ftp://updates.redhat.com/rhn/repository/NULL/kernel-BOOT/2.2.19-6.2.16/sparc/kernel-BOOT-2.2.19-6.2.16.sparc.rpm
Missing file
    MD5: bd596bd748b1c0c32d3a80b07350f773
ftp://updates.redhat.com/rhn/repository/NULL/kernel-BOOT/2.2.19-6.2.16/sparc64/kernel-BOOT-2.2.19-6.2.16.sparc64.rpm
Missing file
    MD5: 4195082a407f604519d227660937264e
ftp://updates.redhat.com/rhn/repository/NULL/kernel-doc/2.2.19-6.2.16/sparc/kernel-doc-2.2.19-6.2.16.sparc.rpm
Missing file
    MD5: 5baa4cd453d5f652a6872e4b77c7fe5a
ftp://updates.redhat.com/rhn/repository/NULL/kernel-enterprise/2.2.19-6.2.16/sparc/kernel-enterprise-2.2.19-6.2.16.sparc.rpm
Missing file
    MD5: 0aae46c7d3233c5fa20123511d2746e3
ftp://updates.redhat.com/rhn/repository/NULL/kernel-enterprise/2.2.19-6.2.16/sparc64/kernel-enterprise-2.2.19-6.2.16.sparc64.rpm
Missing file
    MD5: 7d4d8676af4c5eb5cd687fdbc5a4a34a
ftp://updates.redhat.com/rhn/repository/NULL/kernel-headers/2.2.19-6.2.16/sparc/kernel-headers-2.2.19-6.2.16.sparc.rpm
Missing file
    MD5: d11d6f7af0040d1f47e33ac59bad7768
ftp://updates.redhat.com/rhn/repository/NULL/kernel-smp/2.2.19-6.2.16/sparc/kernel-smp-2.2.19-6.2.16.sparc.rpm
Missing file
    MD5: 7d62917ec4f53431a21bd7f1b774d586
ftp://updates.redhat.com/rhn/repository/NULL/kernel-smp/2.2.19-6.2.16/sparc64/kernel-smp-2.2.19-6.2.16.sparc64.rpm
Missing file
    MD5: ac084b792f83f8ec7714568889441f16
ftp://updates.redhat.com/rhn/repository/NULL/kernel-source/2.2.19-6.2.16/sparc/kernel-source-2.2.19-6.2.16.sparc.rpm
Missing file
    MD5: 6ccf8b817498ae9d5022dca8f8cb703e
ftp://updates.redhat.com/rhn/repository/NULL/kernel-utils/2.2.19-6.2.16/sparc/kernel-utils-2.2.19-6.2.16.sparc.rpm
Missing file
    MD5: d34097fc0f35adfb0d8878a0a359c814
ftp://updates.redhat.com/rhn/repository/NULL/rmt/0.4b19-5.6x.1/sparc/rmt-0.4b19-5.6x.1.sparc.rpm
Missing file
    MD5: a0b0518694524b85e22c335cb5bbb59d
ftp://updates.redhat.com/rhn/repository/NULL/rsync/2.4.6-3.6/sparc/rsync-2.4.6-3.6.sparc.rpm
Missing file
    MD5: 71d5f307993bf1c5c666b343a56d371f
ftp://updates.redhat.com/rhn/repository/NULL/zlib/1.1.3-25.6/sparc/zlib-1.1.3-25.6.sparc.rpm
Missing file
    MD5: 4019dfa3b0a196ba8ce3af1a3dc0e8a4
ftp://updates.redhat.com/rhn/repository/NULL/zlib-devel/1.1.3-25.6/sparc/zlib-devel-1.1.3-25.6.sparc.rpm
Missing file
    MD5: 4c1161a93f9d40983db0ae55545830f5
 
Red Hat Linux 7.0

SRPMS:
cvs-1.11.1p1-7.src.rpm
File outdated by:  RHSA-2003:012
    MD5: 49cf09e03d1d51fb2571ac2287e1dcde
ftp://updates.redhat.com/rhn/repository/NULL/dump/0.4b25-1.70.0/SRPMS/dump-0.4b25-1.70.0.src.rpm
Missing file
    MD5: bccc5133d4080eab76d4c080775c7fe2
kernel-2.2.19-7.0.16.src.rpm
File outdated by:  RHSA-2003:088
    MD5: ca6f54be72d846754a1d3eb1fb0b8823
ftp://updates.redhat.com/rhn/repository/NULL/libgcj/2.96-24.1/SRPMS/libgcj-2.96-24.1.src.rpm
Missing file
    MD5: b58ce67092cc40ac228e1af362e1324a
rsync-2.4.6-13.src.rpm
File outdated by:  RHSA-2003:398
    MD5: b5d8794ea6fe06fdf6bf46829bae89d7
vnc-3.3.3r2-18.4.src.rpm
File outdated by:  RHSA-2003:041
    MD5: c6a2b05186340fc8d93fdc2c461d59e3
zlib-1.1.3-25.7.src.rpm
File outdated by:  RHSA-2003:079
    MD5: e4c9b7ea941c1b5f364aa4d57c06de68
 
Alpha:
ftp://updates.redhat.com/rhn/repository/NULL/cvs/1.11.1p1-7/alpha/cvs-1.11.1p1-7.alpha.rpm
Missing file
    MD5: 658d899deda0305388579b5912b31b4a
ftp://updates.redhat.com/rhn/repository/NULL/dump/0.4b25-1.70.0/alpha/dump-0.4b25-1.70.0.alpha.rpm
Missing file
    MD5: 68987e1d8f6c09bb927939da5c254688
kernel-2.2.19-7.0.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: 9899c8a5bb9138a9ddc49c1b69cd1403
kernel-BOOT-2.2.19-7.0.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: ac3f02a730656194391fe7e65c2a3fbd
kernel-doc-2.2.19-7.0.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: 604fafa24b5a4cb07c1605ecd5fd8362
kernel-enterprise-2.2.19-7.0.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: 0e2e530df38351c2d7063402b71c66c9
kernel-jensen-2.2.19-7.0.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: 8186ec4e31e0ef77c3eaf1826277e0cf
kernel-smp-2.2.19-7.0.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: f707b95f3eb1c3f1ca791e5f29846635
kernel-source-2.2.19-7.0.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: 538aa1459c7d8d1b3bcbc4d15841c73c
kernel-utils-2.2.19-7.0.16.alpha.rpm
File outdated by:  RHSA-2002:210
    MD5: 269a3996af4a1f26a9b5e537e25b7d50
ftp://updates.redhat.com/rhn/repository/NULL/libgcj/2.96-24.1/alpha/libgcj-2.96-24.1.alpha.rpm
Missing file
    MD5: 0009a93f552453ff1d2c7116d20ef9fa
ftp://updates.redhat.com/rhn/repository/NULL/libgcj-devel/2.96-24.1/alpha/libgcj-devel-2.96-24.1.alpha.rpm
Missing file
    MD5: 7e5ac3667bc8af8f3afb24fe949bacb4
ftp://updates.redhat.com/rhn/repository/NULL/rmt/0.4b25-1.70.0/alpha/rmt-0.4b25-1.70.0.alpha.rpm
Missing file
    MD5: 7c0d97c7ad92859c5cf4a6c86e55f52d
ftp://updates.redhat.com/rhn/repository/NULL/rsync/2.4.6-13/alpha/rsync-2.4.6-13.alpha.rpm
Missing file
    MD5: 7f678187e558fa86744fba161756f0bd
ftp://updates.redhat.com/rhn/repository/NULL/zlib/1.1.3-25.7/alpha/zlib-1.1.3-25.7.alpha.rpm
Missing file
    MD5: 73352503d0864dbfa6db5369002fb0a1
ftp://updates.redhat.com/rhn/repository/NULL/zlib-devel/1.1.3-25.7/alpha/zlib-devel-1.1.3-25.7.alpha.rpm
Missing file
    MD5: 542159b445cc9d1f0d8636e374711f86
 
IA-32:
cvs-1.11.1p1-7.i386.rpm
File outdated by:  RHSA-2003:012
    MD5: ce2644ac389d9aa9993fe010cb7f30c8
ftp://updates.redhat.com/rhn/repository/NULL/dump/0.4b25-1.70.0/i386/dump-0.4b25-1.70.0.i386.rpm
Missing file
    MD5: 07219be3485102a1b902d3968b3c4420
kernel-2.2.19-7.0.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 6c673d7bdf5d6108a3ddaacdb18373ce
kernel-2.2.19-7.0.16.i586.rpm
File outdated by:  RHSA-2003:088
    MD5: 6eb0eb01effd82649a3bdd4d0f2f0fa0
kernel-2.2.19-7.0.16.i686.rpm
File outdated by:  RHSA-2003:088
    MD5: f5a81ad5baaf7b4f09aa2a2fac7d22ef
kernel-BOOT-2.2.19-7.0.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: a7ecbe38220e9a720c67843e0cb79384
kernel-doc-2.2.19-7.0.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 44468ff938bc6e41e361c39d0fa79771
kernel-enterprise-2.2.19-7.0.16.i686.rpm
File outdated by:  RHSA-2003:088
    MD5: 10813b313637f6b65df98b2cbbc59657
kernel-ibcs-2.2.19-7.0.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 21a39c24c7a60d3efec3a7cffde41e5f
kernel-pcmcia-cs-2.2.19-7.0.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: c4befc62350771ec8c9d65d0531f4ac2
kernel-smp-2.2.19-7.0.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 64f338fe15bf56912886c479eb9bdca7
kernel-smp-2.2.19-7.0.16.i586.rpm
File outdated by:  RHSA-2003:088
    MD5: 2e311b1a8fa7258b7a0cc56fb5075f0c
kernel-smp-2.2.19-7.0.16.i686.rpm
File outdated by:  RHSA-2003:088
    MD5: e12d2b621a1211ee8ac20e6b08343ccc
kernel-source-2.2.19-7.0.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 9e693fd3ba64e809b83dcacdd8211086
kernel-utils-2.2.19-7.0.16.i386.rpm
File outdated by:  RHSA-2003:088
    MD5: 1f30d36d357ec7057e6ca50b629a1845
ftp://updates.redhat.com/rhn/repository/NULL/libgcj/2.96-24.1/i386/libgcj-2.96-24.1.i386.rpm
Missing file
    MD5: fd1c65551e77fc09837130cee54f4283
ftp://updates.redhat.com/rhn/repository/NULL/libgcj-devel/2.96-24.1/i386/libgcj-devel-2.96-24.1.i386.rpm
Missing file
    MD5: fd2186bc67d1e98f3e83ced9f0a84215
ftp://updates.redhat.com/rhn/repository/NULL/rmt/0.4b25-1.70.0/i386/rmt-0.4b25-1.70.0.i386.rpm
Missing file
    MD5: a7c94e2d2fd3057f9c51e394b9488f19
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/rsync-2.4.6-13.i386.rpm
Missing file
    MD5: dd9003947e4ae34aff75ea48e5289332
vnc-3.3.3r2-18.4.i386.rpm
File outdated by:  RHSA-2003:041
    MD5: 5a1e7fdd8b06998029bc4f1fe47392ef
vnc-doc-3.3.3r2-18.4.i386.rpm
File outdated by:  RHSA-2003:041
    MD5: 3f75e04cc69f2b9583ba069b6eaf4c3b
vnc-server-3.3.3r2-18.4.i386.rpm
File outdated by:  RHSA-2003:041
    MD5: 6f488072da56a0001f2b5c9ac7c8b6ea
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/zlib-1.1.3-25.7.i386.rpm
Missing file
    MD5: 1c2a98b53ec5bd716b48d71643705055
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/zlib-devel-1.1.3-25.7.i386.rpm
Missing file
    MD5: 7f6840ee653f0b6e88d3fb28fa56eaf7
 
Red Hat Linux 7.1

SRPMS:
cvs-1.11.1p1-7.src.rpm
File outdated by:  RHSA-2003:012
    MD5: 49cf09e03d1d51fb2571ac2287e1dcde
ftp://updates.redhat.com/rhn/repository/NULL/libgcj/2.96-24.1/SRPMS/libgcj-2.96-24.1.src.rpm
Missing file
    MD5: b58ce67092cc40ac228e1af362e1324a
rsync-2.4.6-13.src.rpm
File outdated by:  RHSA-2003:398
    MD5: b5d8794ea6fe06fdf6bf46829bae89d7
vnc-3.3.3r2-18.4.src.rpm
File outdated by:  RHSA-2003:041
    MD5: c6a2b05186340fc8d93fdc2c461d59e3
zlib-1.1.3-25.7.src.rpm
File outdated by:  RHSA-2003:079
    MD5: e4c9b7ea941c1b5f364aa4d57c06de68
 
Alpha:
ftp://updates.redhat.com/rhn/repository/NULL/cvs/1.11.1p1-7/alpha/cvs-1.11.1p1-7.alpha.rpm
Missing file
    MD5: 658d899deda0305388579b5912b31b4a
ftp://updates.redhat.com/rhn/repository/NULL/libgcj/2.96-24.1/alpha/libgcj-2.96-24.1.alpha.rpm
Missing file
    MD5: 0009a93f552453ff1d2c7116d20ef9fa
ftp://updates.redhat.com/rhn/repository/NULL/libgcj-devel/2.96-24.1/alpha/libgcj-devel-2.96-24.1.alpha.rpm
Missing file
    MD5: 7e5ac3667bc8af8f3afb24fe949bacb4
ftp://updates.redhat.com/rhn/repository/NULL/rsync/2.4.6-13/alpha/rsync-2.4.6-13.alpha.rpm
Missing file
    MD5: 7f678187e558fa86744fba161756f0bd
ftp://updates.redhat.com/rhn/repository/NULL/zlib/1.1.3-25.7/alpha/zlib-1.1.3-25.7.alpha.rpm
Missing file
    MD5: 73352503d0864dbfa6db5369002fb0a1
ftp://updates.redhat.com/rhn/repository/NULL/zlib-devel/1.1.3-25.7/alpha/zlib-devel-1.1.3-25.7.alpha.rpm
Missing file
    MD5: 542159b445cc9d1f0d8636e374711f86
 
IA-32:
cvs-1.11.1p1-7.i386.rpm
File outdated by:  RHSA-2003:012
    MD5: ce2644ac389d9aa9993fe010cb7f30c8
ftp://updates.redhat.com/rhn/repository/NULL/libgcj/2.96-24.1/i386/libgcj-2.96-24.1.i386.rpm
Missing file
    MD5: fd1c65551e77fc09837130cee54f4283
ftp://updates.redhat.com/rhn/repository/NULL/libgcj-devel/2.96-24.1/i386/libgcj-devel-2.96-24.1.i386.rpm
Missing file
    MD5: fd2186bc67d1e98f3e83ced9f0a84215
rsync-2.4.6-13.i386.rpm
File outdated by:  RHSA-2003:398
    MD5: dd9003947e4ae34aff75ea48e5289332
vnc-3.3.3r2-18.4.i386.rpm
File outdated by:  RHSA-2003:041
    MD5: 5a1e7fdd8b06998029bc4f1fe47392ef
vnc-doc-3.3.3r2-18.4.i386.rpm
File outdated by:  RHSA-2003:041
    MD5: 3f75e04cc69f2b9583ba069b6eaf4c3b
vnc-server-3.3.3r2-18.4.i386.rpm
File outdated by:  RHSA-2003:041
    MD5: 6f488072da56a0001f2b5c9ac7c8b6ea
zlib-1.1.3-25.7.i386.rpm
File outdated by:  RHSA-2003:079
    MD5: 1c2a98b53ec5bd716b48d71643705055
zlib-devel-1.1.3-25.7.i386.rpm
File outdated by:  RHSA-2003:079
    MD5: 7f6840ee653f0b6e88d3fb28fa56eaf7
 
IA-64:
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/cvs-1.11.1p1-7.ia64.rpm
Missing file
    MD5: fb6a4a68f00df73a844c9f97ff06e685
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/rsync-2.4.6-13.ia64.rpm
Missing file
    MD5: ca2438188203ebb25111c9b68807b802
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/zlib-1.1.3-25.7.ia64.rpm
Missing file
    MD5: c18df65e9d3f26940d5b87691000816d
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/zlib-devel-1.1.3-25.7.ia64.rpm
Missing file
    MD5: 45d6d5ba806017e3bd55bf31d9845e47
 
Red Hat Linux 7.2

SRPMS:
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/SRPMS/binutils-2.11.90.0.8-12.src.rpm
Missing file
    MD5: 99430cfd805162cf26a1579117968599
ftp://updates.redhat.com/rhn/public/2703533/binutils/2.11.90.0.8-12/SRPMS/binutils-2.11.90.0.8-12.src.rpm
Missing file
    MD5: 99430cfd805162cf26a1579117968599
cvs-1.11.1p1-7.src.rpm
File outdated by:  RHSA-2003:012
    MD5: 49cf09e03d1d51fb2571ac2287e1dcde
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/SRPMS/dump-0.4b25-1.72.0.src.rpm
Missing file
    MD5: 29fdca4db6119162d5570d1ec25751e3
ftp://updates.redhat.com/rhn/public/2703533/dump/0.4b25-1.72.0/SRPMS/dump-0.4b25-1.72.0.src.rpm
Missing file
    MD5: 29fdca4db6119162d5570d1ec25751e3
ftp://updates.redhat.com/rhn/repository/NULL/dump/0.4b25-1.72.1/SRPMS/dump-0.4b25-1.72.1.src.rpm
Missing file
    MD5: cf5df908fb375e3377705502c1cb43e0
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/SRPMS/gcc3-3.0.4-1.src.rpm
Missing file
    MD5: e74ad2d3942b5b4d65fe1563a4a81e3a
ftp://updates.redhat.com/rhn/public/2703533/gcc3/3.0.4-1/SRPMS/gcc3-3.0.4-1.src.rpm
Missing file
    MD5: e74ad2d3942b5b4d65fe1563a4a81e3a
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/SRPMS/libgcj-2.96-28.src.rpm
Missing file
    MD5: 88d37abba63b0760bed46267547ccf63
ftp://updates.redhat.com/rhn/public/2703533/libgcj/2.96-28/SRPMS/libgcj-2.96-28.src.rpm
Missing file
    MD5: 88d37abba63b0760bed46267547ccf63
rsync-2.4.6-13.src.rpm
File outdated by:  RHSA-2003:398
    MD5: b5d8794ea6fe06fdf6bf46829bae89d7
vnc-3.3.3r2-18.4.src.rpm
File outdated by:  RHSA-2003:041
    MD5: c6a2b05186340fc8d93fdc2c461d59e3
zlib-1.1.3-25.7.src.rpm
File outdated by:  RHSA-2003:079
    MD5: e4c9b7ea941c1b5f364aa4d57c06de68
 
IA-32:
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/binutils-2.11.90.0.8-12.i386.rpm
Missing file
    MD5: d6113e1fd56cb3fe7211ff99e82d8a59
cvs-1.11.1p1-7.i386.rpm
File outdated by:  RHSA-2003:012
    MD5: ce2644ac389d9aa9993fe010cb7f30c8
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/dump-0.4b25-1.72.0.i386.rpm
Missing file
    MD5: 195e1eff9947649121bbc1c9be5dabf2
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/gcc3-3.0.4-1.i386.rpm
Missing file
    MD5: df1f93808417ce7edc44f6317483df5e
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/gcc3-c++-3.0.4-1.i386.rpm
Missing file
    MD5: ca84b944123ddf8d8b99169f1e29064e
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/gcc3-g77-3.0.4-1.i386.rpm
Missing file
    MD5: aca54f53c5e43fb4b5bca9c7a398f995
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/gcc3-java-3.0.4-1.i386.rpm
Missing file
    MD5: cb23be0b61cf368232232032295e03da
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/gcc3-objc-3.0.4-1.i386.rpm
Missing file
    MD5: a33b5c220a98c25b5a922093e336471c
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/libgcc-3.0.4-1.i386.rpm
Missing file
    MD5: e1e003d269a8c3b5784656b9baf01f61
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/libgcj-2.96-28.i386.rpm
Missing file
    MD5: d2536bb1878684ddeef62044f0818ff4
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/libgcj-devel-2.96-28.i386.rpm
Missing file
    MD5: 850146af72439bfcf428be2d6d20c69d
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/libgcj3-3.0.4-1.i386.rpm
Missing file
    MD5: 9b387ac35bc0ed5b775d0e86aa08dd6d
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/libgcj3-devel-3.0.4-1.i386.rpm
Missing file
    MD5: f71c536ee53f5f10d72167cf8bf60a66
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/libstdc++3-3.0.4-1.i386.rpm
Missing file
    MD5: 49341cccfee62055fc1859f388b3dd2b
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/libstdc++3-devel-3.0.4-1.i386.rpm
Missing file
    MD5: 39775aac1be0eb7da93ed8d86387dabe
ftp://updates.redhat.com/rhn/private/redhat-advanced-server-i386/RPMS/rmt-0.4b25-1.72.0.i386.rpm
Missing file
    MD5: d8a8dc76ff252ad07f41ee7ba65dbb54
rsync-2.4.6-13.i386.rpm
File outdated by:  RHSA-2003:398
    MD5: dd9003947e4ae34aff75ea48e5289332
vnc-3.3.3r2-18.4.i386.rpm
File outdated by:  RHSA-2003:041
    MD5: 5a1e7fdd8b06998029bc4f1fe47392ef
vnc-doc-3.3.3r2-18.4.i386.rpm
File outdated by:  RHSA-2003:041
    MD5: 3f75e04cc69f2b9583ba069b6eaf4c3b
vnc-server-3.3.3r2-18.4.i386.rpm
File outdated by:  RHSA-2003:041
    MD5: 6f488072da56a0001f2b5c9ac7c8b6ea
zlib-1.1.3-25.7.i386.rpm
File outdated by:  RHSA-2003:079
    MD5: 1c2a98b53ec5bd716b48d71643705055
zlib-devel-1.1.3-25.7.i386.rpm
File outdated by:  RHSA-2003:079
    MD5: 7f6840ee653f0b6e88d3fb28fa56eaf7
 
IA-64:
cvs-1.11.1p1-7.ia64.rpm
File outdated by:  RHSA-2003:012
    MD5: fb6a4a68f00df73a844c9f97ff06e685
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/dump-0.4b25-1.72.0.ia64.rpm
Missing file
    MD5: cb7d04f2d8b4e258bd091f457cb9724f
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/gcc3-3.0.4-1.ia64.rpm
Missing file
    MD5: 3428bc20426d416960a55be0aa397dba
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/gcc3-c++-3.0.4-1.ia64.rpm
Missing file
    MD5: 673b0e9c4f1bacc50e8a7b7a2b42c147
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/gcc3-g77-3.0.4-1.ia64.rpm
Missing file
    MD5: 74ea5cfad282a6305f0adb7d18779903
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/gcc3-java-3.0.4-1.ia64.rpm
Missing file
    MD5: 77b1c9ac7770ae85b85f5d2bccba9b04
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/gcc3-objc-3.0.4-1.ia64.rpm
Missing file
    MD5: 88f9a06077989f2204fa708535d011e1
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/libgcc-3.0.4-1.ia64.rpm
Missing file
    MD5: b5246f28abb6fece6514d3d0b84575cc
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/libgcj3-3.0.4-1.ia64.rpm
Missing file
    MD5: 9e30de4bca541895d14d0756eafc9666
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/libgcj3-devel-3.0.4-1.ia64.rpm
Missing file
    MD5: 5eca8425b277341f3fcba5b3942b6549
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/libstdc++3-3.0.4-1.ia64.rpm
Missing file
    MD5: 080fc03db827f4b5007558c3c2dfadd4
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/libstdc++3-devel-3.0.4-1.ia64.rpm
Missing file
    MD5: 15055c2133605fab6ad1b0d53176fe87
ftp://updates.redhat.com/rhn/private/redhat-linux-as-2.1-IPF/RPMS/rmt-0.4b25-1.72.0.ia64.rpm
Missing file
    MD5: bd2b196cf5e9d94dc335e2967c9d6f0a
rsync-2.4.6-13.ia64.rpm
File outdated by:  RHSA-2003:398
    MD5: ca2438188203ebb25111c9b68807b802
zlib-1.1.3-25.7.ia64.rpm
File outdated by:  RHSA-2003:079
    MD5: c18df65e9d3f26940d5b87691000816d
zlib-devel-1.1.3-25.7.ia64.rpm
File outdated by:  RHSA-2003:079
    MD5: 45d6d5ba806017e3bd55bf31d9845e47
 
s390:
ftp://updates.redhat.com/rhn/repository/NULL/cvs/1.11.1p1-7/s390/cvs-1.11.1p1-7.s390.rpm
Missing file
    MD5: eb21b5a73762c276fd3874d4024a32d7
ftp://updates.redhat.com/rhn/repository/NULL/dump/0.4b25-1.72.1/s390/dump-0.4b25-1.72.1.s390.rpm
Missing file
    MD5: 0d0c6b53cda4b2babd5964f545981d21
ftp://updates.redhat.com/rhn/repository/NULL/rmt/0.4b25-1.72.1/s390/rmt-0.4b25-1.72.1.s390.rpm
Missing file
    MD5: 2bba5e1cbdf85e53401492a1d40d0200
ftp://updates.redhat.com/rhn/repository/NULL/rsync/2.4.6-13/s390/rsync-2.4.6-13.s390.rpm
Missing file
    MD5: 511afcc48c90564420bf31ed27102b37
ftp://updates.redhat.com/rhn/repository/NULL/zlib/1.1.3-25.7/s390/zlib-1.1.3-25.7.s390.rpm
Missing file
    MD5: a718bfd5d1538f5dfcd901ff6f5a3251
ftp://updates.redhat.com/rhn/repository/NULL/zlib-devel/1.1.3-25.7/s390/zlib-devel-1.1.3-25.7.s390.rpm
Missing file
    MD5: a1e2d593a2145b6d0a26750cde95784e
 

References


Keywords

double, free, zlib


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/