[EMAIL PROTECTED] wrote: > The following subject was researched in the CYGWIN Archives. If the answer exists, I > apologize if the proper string(s) were not input to find the answer to the following > discussion. > > A report by SecurityTracker mentions that there is situation in zlib. > This situation in zlib is reported as relative to the inflate() and > inflateBack(). > The report says the situation varies depending on the application > using the zlib library, but if exploited can result in a denial of services. > > Is there a new zlib to correct for this???? > > If so is the correction in Zlib or the cygwin.dll------ > > What download file or files are required???? > > THANKS for your time, help, and advise!!! :)
First of all it would have helped if you'd included some links. The page you are referring to is <http://www.securitytracker.com/alerts/2004/Aug/1011085.html> and the problem was reported in the debian bug report <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=252253>. The OpenPKG report at <http://lwn.net/Articles/99288/> also contains useful links. The date of that advisory was 30-Aug-2004, and the datestamp on the 1.2.1 Cygwin zlib package is 3-Dec-2003 so no, it does not contain this fix. And, unless I missed it there was no announcement in the last week of a new zlib package, so for the time being there is nothing to download. The fix for this advisory is a trivial patch to fix the error handling, as below from the OpenBSD avisory <ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/017_libz.patch>: diff -u -p -r1.2 -r1.2.2.1 --- lib/libz/infback.c 17 Dec 2003 00:28:19 -0000 1.2 +++ lib/libz/infback.c 28 Aug 2004 16:21:46 -0000 1.2.2.1 @@ -446,6 +446,9 @@ void FAR *out_desc; } } + if (state->mode == BAD) + break; + /* build code tables */ state->next = state->codes; state->lencode = (code const FAR *)(state->next); diff -u -p -r1.6 -r1.6.2.1 --- lib/libz/inflate.c 17 Dec 2003 00:28:19 -0000 1.6 +++ lib/libz/inflate.c 28 Aug 2004 16:21:46 -0000 1.6.2.1 @@ -909,6 +909,9 @@ int flush; state->lens[state->have++] = (unsigned short)len; } } + + if (state->mode == BAD) + break; /* build code tables */ state->next = state->codes; If this is important to you then you should download the zlib src package and apply the above. Hopefully the zlib maintainer will release a fixed package shortly, but with free software there is never any guarantee of anything. Brian -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
