Re: OpenSSH rebuild warning: problems avoiding zlib problems in Solaris

From: John D Groenveld (jdg117at_private)
Date: Thu Mar 14 2002 - 15:24:05 PST

Next message: tsr@it-checkpoint.net: "[CSS] Cross Site Scripting in the translation and infoplease services of lycos.com possible"

Previous message: Bill Canning: "Account Lockout Vulnerability in Oblix NetPoint v5.2"
Next in thread: Casper Dik: "Re: OpenSSH rebuild warning: problems avoiding zlib problems in Solaris"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

------- Forwarded Message

Return-Path: Heather.Raybouldat_private
Delivery-Date: Thu Mar 14 06:36:51 2002
Received: from arlc.arl.psu.edu ([128.118.19.195]:3465 "EHLO arlc.arl.psu.edu")
	by elvis.arl.psu.edu with ESMTP id <S858890AbSCNLgp>;
	Thu, 14 Mar 2002 06:36:45 -0500
Received: from mail.acm.org ("port 40756"@[199.222.69.4])
 by arlvax.arl.psu.edu (PMDF V5.2-32 #37504)
 with ESMTP id <01KFCARAKKW4984J7Yat_private> for
 jdg117at_private; Thu, 14 Mar 2002 06:36:45 EST
Received: from mercury.Sun.COM (mercury.Sun.COM [192.9.25.1])
	by mail.acm.org (8.9.3/8.9.3) with ESMTP id GAA58220	for <groenveldat_private>;
 Thu, 14 Mar 2002 06:34:27 -0500
Received: from bu-ewat02-01.uk.sun.com ([129.156.199.2])
	by mercury.Sun.COM (8.9.3+Sun/8.9.3) with ESMTP id DAA18830	for
 <groenveldat_private>; Thu, 14 Mar 2002 03:36:43 -0800 (PST)
Received: from sr-ewat02-01 (sr-ewat02-01.UK.Sun.COM [129.156.199.4])
	by bu-ewat02-01.uk.sun.com (8.10.2+Sun/8.10.2/ENSMAIL,v2.2)
 with SMTP id g2EBaes11305; Thu, 14 Mar 2002 11:36:40 +0000 (GMT)
Date:	Thu, 14 Mar 2002 11:36:44 +0000 (GMT)
From:	Heather Raybould - Sun UK - Security Engineer 
	<Heather.Raybouldat_private>
Subject: Re: CERT Advisory CA-2002-07 Double Free Bug in zlib Compression
 Library
To:	groenveldat_private
Reply-to: Heather Raybould - Sun UK - Security Engineer 
	  <Heather.Raybouldat_private>
Message-id: <200203141136.g2EBaes11305@bu-ewat02-01.uk.sun.com>
MIME-version: 1.0
X-Mailer: dtmail 1.3.0 @(#)CDE Version 1.5_47 SunOS 5.9 sun4u sparc
Content-type: TEXT/plain; charset=us-ascii
Content-MD5: mBjXc+TH0HBrGRbtuteHmg==
Return-Path: <Heather.Raybouldat_private>
X-Orcpt: rfc822;jdg117at_private

Hi John,

> Why isn't Sun mentioned?
> John
> groenveldat_private
I am not sure why there is no statement from Sun on the CERT site as yet. 

The SUNWzlib package is affected and Sun is in the process of addressing the 
issue. When a rememdy is available, Sun will release a Security Bulletin with 
details.

Sun is continuing to investigate what other impacts this may have on our 
products and on the programs available on the Sun freeware CD.

Bulletins are available from 
http://sunsolve.sun.com/security

Hope this helps.

Regards,
Heather Raybould
security-alertat_private

------- End of Forwarded Message

Next message: tsr@it-checkpoint.net: "[CSS] Cross Site Scripting in the translation and infoplease services of lycos.com possible"
Previous message: Bill Canning: "Account Lockout Vulnerability in Oblix NetPoint v5.2"
Next in thread: Casper Dik: "Re: OpenSSH rebuild warning: problems avoiding zlib problems in Solaris"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Mar 14 2002 - 17:16:55 PST