Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 98404

Summary: zlib buffer overflow needs promentent exposure.
Product: Gentoo Security Reporter: genbug
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: critical    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.gentoo.org/security/en/glsa/glsa-200507-05.xml
Whiteboard:
Package list:
Runtime testing required: ---

Description genbug 2005-07-08 14:57:06 UTC
http://forums.gentoo.org/viewtopic.php?t=356659

GLSA states there is a vunerability in zlib and adivses "zlib users" to upgrade.

This is a core package in the system profile, _EVERYONE_ is a zlib user.

Shouldn't this be given wider exposer with a _clear_ message that it affects all 
Gentoo systems rather than editing the stock template ?



Reproducible: Always
Steps to Reproduce:
1.
2.
3.




Put this criticat, presuambly it is important after all the chat about how we 
take security seriously ?
Comment 1 SpanKY gentoo-dev 2005-07-08 17:23:21 UTC
it receives as much 'exposure' as all our other GLSA's (which includes issues
with the linux kernel)

that means the GLSA is e-mailed to many public lists, posted on glsa.gentoo.org,
added to our portage tree and everyone who uses `glsa-check` sees it