Changeset 624e062

Timestamp:

07/06/2005 07:11:18 PM (19 years ago)

Author:

Archaic <archaic@…>

Branches:

6.1, 6.1.1

Children:

beaea5b

Parents:

d7bd282d

Message:

Added security patch for zlib. (merged from trunk r6414)

git-svn-id: ​http://svn.linuxfromscratch.org/LFS/branches/6.1/BOOK@6416 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689

Files:

• chapter01/changelog.xml (modified) (2 diffs)
• chapter03/patches.xml (modified) (1 diff)
• chapter06/zlib.xml (modified) (1 diff)

chapter01/changelog.xml

@@ -71 +71 @@
 <listitem><para>util-linux-2.12p-cramfs-1.patch</para></listitem>
 <listitem><para>vim-6.0-security_fix-1.patch</para></listitem>
+<listitem><para>zlib-1.2.2-security_fix-1.patch;</para></listitem>
 </itemizedlist>
 </listitem>
@@ -88 +89 @@
 </listitem>
 
+<listitem><para>July  6th, 2005 [archaic]: Added security patch for zlib.
+</para></listitem>
+
 <listitem><para>July  6th, 2005 [matt]: Several typo corrections, as suggested
 by Bernard Leak.</para></listitem>

chapter03/patches.xml

@@ -160 +160 @@
 </varlistentry>
 
+<varlistentry>
+<term>Zlib Security Patch - 1KB:</term><listitem>
+<para><ulink url="&patches-root;zlib-&zlib-version;-security_fix-1.patch"/></para>
+</listitem>
+</varlistentry>
+
 </variablelist>
 

chapter06/zlib.xml

@@ -28 +28 @@
 <sect2 role="installation">
 <title>Installation of Zlib</title>
+
+<para>Zlib has a buffer overflow vulnerability that can lead to a Denial of
+Service attack. The following patch fixes the problem:</para>
+
+<screen><userinput>patch -Np1 -i ../zlib-&zlib-version;-security_fix-1.patch</userinput></screen>
 
 <note><para>Zlib is known to build its shared library incorrectly if