Mandriva Linux Security Advisory 2009-157 - Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild by Trojan.Downloader-71014 in June 2009. This update provides fixes for this vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
079d3dc68cac8c8d64168379476a422880f7edd3d2a7f9651ae97c837c635d74
Gentoo Linux Security Advisory GLSA 200908-07 - An off-by-one error in Compress::Raw::Zlib and Compress::Raw::Bzip2 might lead to a Denial of Service. Leo Bergolth reported an off-by-one error in the inflate() function in Zlib.xs of Compress::Raw::Zlib, possibly leading to a heap-based buffer overflow (CVE-2009-1391). Versions less than 2.020 are affected.
4a49f705f825d516631a540be3743e3d68ae6a34883fbf64195eb093757ccf16
Mandriva Linux Security Advisory 2009-174 - Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild by Trojan.Downloader-71014 in June 2009. This update provides fixes for this vulnerability.
8a5c2997c6caac6c46e1dac877a304bdafdc0dd8e5243223b58c435f4e7ca6c5
Mandriva Linux Security Advisory 2009-157 - Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild by Trojan.Downloader-71014 in June 2009. This update provides fixes for this vulnerability.
4cb76f89dcffad7d7dcb27861ff6dbef4251c1c46dc0d684ce165d880c0986ee
Ubuntu Security Notice USN-794-1 - It was discovered that the Compress::Raw::Zlib Perl module incorrectly handled certain zlib compressed streams. If a user or automated system were tricked into processing a specially crafted compressed stream or file, a remote attacker could crash the application, leading to a denial of service.
7c06242b2b3a2d7466dcc0efeec0724be5966f879f23f5476df470b5158fa7f7