| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: gzip-doc | Distribution: Trustix Secure Linux |
| Version: 1.3.5 | Vendor: Comodo Trustix |
| Release: 7tr | Build date: Thu Sep 21 13:00:05 2006 |
| Group: Trustix Official | Build host: ttrmgtnived.comodo.net |
| Size: 78912 | Source RPM: gzip-1.3.5-7tr.src.rpm |
| Packager: Comodo Trustix <http://www.trustix.com> | |
| Summary: html formatted Info-files for Gzip | |
This package contains the documentation files for Gzip
GPL
* Thu Sep 21 2006 Nived Gopalan <nived at trustix dot org> 1.3.5-7tr
- SECURITY Fix: Tavis Ormandy, Google Security Team, has reported some
vulnerabilities in gzip, which can be exploited by malicious people
to cause a DoS and potentially compromise a vulnerable system.
- Fix null pointer dereference that may lead to denial of service if
gzip is used in an automated manner.
- A boundary error within the "make_table()" function in unlzh.c can be
used to modify certain stack data. This can be exploited to cause a DoS
and potentially allows to execute arbitrary code.
- A buffer underflow exists within the "build_tree()" function in
unpack.c, which can be exploited to cause a DoS and potentially allows
to execute arbitrary code.
- A buffer overflow within the "make_table()" function of gzip's LZH
support can be exploited to cause a DoS and potentially to compromise
a vulnerable system by e.g. tricking a user or automated system into
unpacking an archive containing a specially crafted decoding table.
- unlzh.c in the LHZ component in gzip allows context-dependent attackers
to cause a denial of service (infinite loop) via a crafted GZIP archive.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2006-4334, CVE-2006-4335, CVE-2006-4336,
CVE-2006-4337 and CVE-2006-4338 to these issues.
* Fri May 20 2005 Syed Shabir Zakiullah <syedshabir at comodo dot com> 1.3.5-5tr
- Fix Multiple vulnerabilities: The zgrep utility improperly
sanitizes arguments, which may come from an untrusted source
(CAN-2005-0758).
* Fri May 06 2005 Chr. Toldnes <christht at trustix dot org> 1.3.5-4tr
- Added a better patch for CAN-2005-1228 that does not break rpm builds.
* Thu May 05 2005 Ajith Thampi <ajith at comodo dot com> 1.3.5-3tr
- Ulf Härnhammar <metaur@telia.com> has discovered a vulnerability in
gunzip that allows a malicious zip file to extract to an arbitrary
directory of the attackers choice when gunzip is used with the -N
option.(CAN-2005-1228)
- A race condition error in the file permission restore code, which may
be exploited by a malicious local user, with write permissions, to gain
read or write access to files of other users.(CAN-2005-0988)
* Thu Mar 17 2005 Lakshmi Dinamoni <lakshmi at comodo dot com> 1.3.5-2tr
- Fix unpackaged files
* Mon Feb 21 2005 Raghu <raghu at comodo dot com> 1.3.5-1tr
- New Upstream
* Fri Dec 03 2004 Syed Shabir <syedshabir at comodo dot com>
- Fix man page bug BugZilla Id: 17
* Tue Nov 09 2004 Erlend Midttun <erlendbm at trustix dot org> 1.3.3-4tr
- Now own /usr/share/html/gzip
* Mon Nov 01 2004 Oystein Viggen <oysteivi at trustix dot com> 1.3.3-3tr
- Patch tempfile issues (Patch taken from Openwall GNU/*/Linux)
* Thu Sep 23 2004 Syed Shabir <syedshabir at comodo dot com> 1.3.3-2tr
- New upstream
* Mon Dec 01 2003 Erlend Midttun <erlendbm at trustix dot org> 1.2.4a-26tr
- Big rebuild
* Mon Oct 20 2003 Michael Scheffler <duke at tawie dot org> 1.2.4a-25ms
- Added 64bit file support
* Mon Jun 23 2003 Erlend Midttun <erlendbm at trustix dot com> 1.2.4a-24tr
- Added %defattr.
* Wed Jun 18 2003 Erlend Midttun <erlendbm at trustix dot com> 1.2.4a-23tr
- Big rebuild
* Tue Mar 25 2003 Erlend Midttun <erlendbm at trustix dot com> 1.2.4a-22em
- Fix typo.
* Mon Mar 24 2003 Erlend Midttun <erlendbm at trustix dot com> 1.2.4a-21em
- Rebuilt against glibc 2.3.2.
* Thu Oct 24 2002 Christian H. Toldnes <christht at trustix dot com> 1.2.4a-20ct
- Replaced info stuff with htmlinfo
* Wed Jul 24 2002 Daniel Meyer <eagle at trustix dot org> 1.2.4a-19dm
- rebuild for Trustix Secure Linux 2.0
* Tue Jan 15 2002 Hans Almåsbakk <hansa at trustix dot com>
- Applied patch that fixes a potential buffer overflow on too long input
filename.
* Mon Feb 28 2000 Lars Gaarden <larsg at trustix dot com>
- put the documentation in a separate package
* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com>
- auto rebuild in the new build environment (release 14)
* Thu Dec 17 1998 Cristian Gafton <gafton@redhat.com>
- built against gliibc 2.1
* Thu May 07 1998 Prospector System <bugs@redhat.com>
- translations modified for de, fr, tr
* Thu Apr 09 1998 Cristian Gafton <gafton@redhat.com>
- added /usr/bin/gzip and /usr/bin/gunzip symlinks as some programs are too
brain dead to figure out they should be at least trying to use $PATH
- added BuildRoot
* Wed Jan 28 1998 Erik Troan <ewt@redhat.com>
- fix /tmp races
* Sun Sep 14 1997 Erik Troan <ewt@redhat.com>
- uses install-info
- applied patch for gzexe
* Mon Jun 02 1997 Erik Troan <ewt@redhat.com>
- built against glibc
* Tue Apr 22 1997 Marc Ewing <marc@redhat.com>
- (Entry added for Marc by Erik) fixed gzexe to use /bin/gzip
/usr/share/doc/gzip-doc-1.3.5 /usr/share/doc/gzip-doc-1.3.5/NEWS /usr/share/doc/gzip-doc-1.3.5/README /usr/share/html/gzip /usr/share/html/gzip/gzip.html /usr/share/man/man1 /usr/share/man/man1/gunzip.1.gz /usr/share/man/man1/gzexe.1.gz /usr/share/man/man1/gzip.1.gz /usr/share/man/man1/zcat.1.gz /usr/share/man/man1/zcmp.1.gz /usr/share/man/man1/zdiff.1.gz /usr/share/man/man1/zforce.1.gz /usr/share/man/man1/zgrep.1.gz /usr/share/man/man1/zless.1.gz /usr/share/man/man1/zmore.1.gz /usr/share/man/man1/znew.1.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Mon May 20 05:14:11 2013