upgrade to Compress-Zlib-1.34 recommended
Jeff A. Earickson
jaearick at COLBY.EDU
Mon Jan 31 16:42:12 GMT 2005
Gang,
I've been keeping my eye out for this one... A new version
of Compress-Zlib has been released at CPAN. Version 1.33 used
zlib 1.1.4. Version 1.34 of Compress-Zlib uses zlib 1.2.2.
Version 1.2.1 had a security vulnerability that 1.2.2 repaired
(I don't know if this vulnerability was in 1.1.4).
For more info, see:
http://www.zlib.net
http://archives.neohapsis.com/archives/bugtraq/2004-08/0370.html
http://search.cpan.org/~pmqs/Compress-Zlib-1.34/
I would urge you to (a) upgrade zlib, (b) upgrade Compress-Zlib
perl module, (c) make sure that OpenSSH is using zlib 1.2.2
(offtopic to MailScanner, but good security).
Jeff Earickson
Colby College
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list