Overview

File _patchinfo of Package patchinfo.6007

<patchinfo incident="6007">
  <issue id="1003577" tracker="bnc">VUL-1: zlib: Incompatible declarations for external linkage function deflate</issue>
  <issue id="1003580" tracker="bnc">VUL-1: CVE-2016-9842: zlib: Undefined Left Shift of Negative Number</issue>
  <issue id="1003579" tracker="bnc">VUL-1: CVE-2016-9840 CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inftrees.c</issue>
  <issue id="2016-9840" tracker="cve">VUL-1: CVE-2016-9840 CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inftrees.c</issue>
  <issue id="2016-9841" tracker="cve">VUL-1: CVE-2016-9840 CVE-2016-9841: zlib: Out-of-bounds pointer arithmetic in inftrees.c</issue>
  <issue id="2016-9842" tracker="cve">VUL-1: CVE-2016-9842: zlib: Undefined Left Shift of Negative Number</issue>
  <issue id="2016-9843" tracker="cve" />
  <issue id="1013882" tracker="bnc">VUL-0: CVE-2016-9843: zlib: Big-endian out-of-bounds pointer</issue>
  <category>security</category>
  <rating>moderate</rating>
  <packager>scarabeus_iv</packager>
  <description>
This update for zlib fixes the following issues:

- Remove incompatible declarations of 'struct internal_state' (boo#1003577)
- Avoid out-of-bounds pointer arithmetic in inftrees.c (boo#1003579,
  CVE-2016-9840, CVE-2016-9841)
- Avoid left-shift with negative number (boo#1003580, CVE-2016-9842)
- Avoid undefined behaviour in pointer arithmetic on powerpc (boo#1013882,
  CVE-2016-9843)
</description>
  <summary>Security update for zlib</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places