Slashdot Mirror


Bug in zlib Affects Many Linux Programs

SirTimbly writes: "CNET is reporting that there is a buffer overflow problem with zlib in Linux, which is used for network compression. Supposedly, someone could remotely cause a buffer overflow through Mozilla, X11 and many other programs." The advisory from Red Hat is available.

9 of 473 comments

  1. And why... by BigChigger · · Score: -1, Troll

    isn't this being kept hush-hush as MS wants to do with their security problems?

    BC

  2. Re:Fat chance by l33t+j03 · · Score: -1, Troll

    Translation: This is an Open Source bug, thus it is of no consequence.

  3. Re:more info please by mestar · · Score: 0, Troll
    but the implications of this vulnerability are significant, and have the potential for remote compromise leading to root privileges on the server.


    This can't be true, because WE ALL KNOW that open source is more secure, I mean, 50 Windows mail viruses are much worse.


    Just kidding.

  4. Swap this article and the last... by Anonymous Coward · · Score: -1, Troll

    and we could have eliminated 90% of the posts on the last article :)

  5. hahaha... by someonehasmyname · · Score: -1, Troll

    zlib is one of the main reasons I don't use Linux.

    Before downloading your patch, maybe consider downloading FreeBSD instead. =)

    --
    Common sense is not so common.
  6. Re:The article says this is only affecting Linux by Ooblek · · Score: 0, Troll
    Some glory hound at Red Hat found it. I doubt he fired up a Windows machine and tested it before he realized he could get his name in the news. Maybe the fact that Red Hat found it led the press to bridge the conclusion that it was a Linux-only issue.

    For all Windows' flaws, it just shows that no one is above releasing buggy software. It happens.

  7. Oh the IRONY! by Sebastopol · · Score: 1, Troll

    Didn't the previous Slashdot story claim how "Everyone seems to know ... Linux is safer than Windows"???

    LOL at how biased some articles are!

    --
    https://www.accountkiller.com/removal-requested
  8. Re:Staticly linked-implication by Anonymous Coward · · Score: -1, Troll
    You blew it, Einstein. The correct command is:

    find /usr/bin -type f -print | xargs rm

  9. Re:Dumb security question by Anonymous Coward · · Score: -1, Troll

    There's no C developer that can claim his program is completely free of buffer overflows (many foolishly do however). There may be some undetected errors in the program, the program may depend on third party code that contains bugs (e.g. the compiler or one of the standard libraries). Most likely bugs in all three categories are present.

    As a VB coder I know for a fact that my programs are 100% free of buffer overflow bugs.

    Just goes to show that hippy languages like C suck.