• Welcome to Powerbasic Museum 2020-B.
 

News:

Forum in repository mode. No new members allowed.

Main Menu

Zlib flaw threatens MS code

Started by MikeTrader, January 14, 2008, 01:59:21 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

MikeTrader

January 14, 2008, 01:59:21 AM
http://www.eweek.com/c/a/Security/Zlib-Security-Flaw-Exposes-Swath-of-Programs/

QuoteThis time, the flaw is a buffer overflow in the decompression process. Because the program doesnt properly validate input data, it can be fed bad data, which can lead to a buffer overflow.

Ooops.


QuoteSymantec Corp. reports that AIX, Debian, FreeBSD, Gentoo, SuSE, Red Hat, Ubuntu and many other operating systems are affected.

QuoteMark Adler [a Zlib co-author] responded to my report with a patch and an in-depth investigation and explanation within 24 hours, and I believe he expects to release a new version of Zlib very soon."

http://news.zdnet.com/2100-3513_22-860428.html
QuoteYet, the incident seemingly proves that Microsoft, despite dismissing open-source code publicly, has used software from others to create their own products.

Print
Go Up Pages1
User actions