Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Debian Security Advisory DSA 100-1 (gzip)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing an update to gzip announced via advisory DSA 100-1.
Insight
Insight
GOBBLES found a buffer overflow in gzip that occurs when compressing files with really long filenames. Even though GOBBLES claims to have developed an exploit to take advantage of this bug, it has been said by others that this problem is not likely to be exploitable as other security incidents. Additionally, the Debian version of gzip from the stable release does not segfault, and hence does not directly inherit this problem. However, better be safe than sorry, so we have prepared an update for you. Please make sure you are running an up-to-date version from stable/unstable/testing with at least version 1.2.4-33.
Solution
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20100-1