USN-5355-2

Details

USN-5355-1 fixed a vulnerability in zlib. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

Danilo Ramos discovered that zlib incorrectly handled memory when performing certain deflating operations. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code.

Affected Packages

zlib

Ubuntu Pro 14.04 LTS

Fixed in:

1:1.2.8.dfsg-1ubuntu1.1+esm1

zlib

Ubuntu Pro 16.04 LTS

Fixed in:

1:1.2.8.dfsg-2ubuntu4.3+esm1

References

REPORThttps://ubuntu.com/security/CVE-2018-25032 ADVISORYhttps://ubuntu.com/security/notices/USN-5355-2

USN-5355-2

Details

Affected Packages

References

Upstream

Ecosystems

Timeline