Hi,
- zlib
  zlib's function gzprintf() is prone to a buffer overflow if its arguments expand to more than Z_PRINTF_BUFSIZE bytes. A fixed version of zlib will be shipped with future SuSE Linux versions.
Ok, so for those of us with a current distribution of SuSE, what is the recommended procedure to deal with this bug? Do you have a CERT or upstream reference to the fix?
The patch, by Solar Designer, is attached.
It's a minor bug. Exploitation is very unlikely...
Bye,
Thomas
--
Thomas Biege
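
Added example, not part of the thread and not the attached patch: a caller-side check that expands the format string into its own bounded buffer and rejects anything that would not fit, so the text can then be written with gzputs() instead of gzprintf(). The helper name checked_format() is hypothetical, and the 4096-byte value for Z_PRINTF_BUFSIZE is an assumption about the zlib build in use.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Assumed value: check the Z_PRINTF_BUFSIZE definition in your zlib source. */
#define Z_PRINTF_BUFSIZE 4096

/* checked_format() is a hypothetical helper, not a zlib function. It expands
 * fmt into out and returns the length, or -1 (with out emptied) when the
 * result would not fit, so an oversized record is rejected, not truncated. */
static int checked_format(char *out, size_t cap, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (out == NULL || cap == 0)
        return -1;
    va_start(ap, fmt);
    n = vsnprintf(out, cap, fmt, ap);   /* never writes more than cap bytes */
    va_end(ap);
    if (n < 0 || (size_t)n >= cap) {    /* encoding error or would overflow */
        out[0] = '\0';
        return -1;
    }
    return n;
}

/* Constructed inputs: one that fits, one that expands past the limit. */
static int demo_fits(void)
{
    char buf[Z_PRINTF_BUFSIZE];
    return checked_format(buf, sizeof buf, "user=%s id=%d", "alice", 42);
}

static int demo_too_long(void)
{
    char buf[Z_PRINTF_BUFSIZE];
    char big[Z_PRINTF_BUFSIZE + 100];
    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    return checked_format(buf, sizeof buf, "field=%s", big);
}

int main(void)
{
    printf("fits: %d\n", demo_fits());
    printf("too long: %d\n", demo_too_long());
    return 0;
}
```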