First published: Thu Apr 28 2022(Updated: )
The zlib packages provide a general-purpose lossless data compression library that is used by many different programs.<br>Security Fix(es):<br><li> zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/zlib | <1.2.11-18.el8_5 | 1.2.11-18.el8_5 |
redhat/zlib | <1.2.11-18.el8_5 | 1.2.11-18.el8_5 |
redhat/zlib-debuginfo | <1.2.11-18.el8_5 | 1.2.11-18.el8_5 |
redhat/zlib-debuginfo | <1.2.11-18.el8_5 | 1.2.11-18.el8_5 |
redhat/zlib-debugsource | <1.2.11-18.el8_5 | 1.2.11-18.el8_5 |
redhat/zlib-debugsource | <1.2.11-18.el8_5 | 1.2.11-18.el8_5 |
redhat/zlib-devel | <1.2.11-18.el8_5 | 1.2.11-18.el8_5 |
redhat/zlib-devel | <1.2.11-18.el8_5 | 1.2.11-18.el8_5 |
redhat/zlib | <1.2.11-18.el8_5 | 1.2.11-18.el8_5 |
redhat/zlib-debuginfo | <1.2.11-18.el8_5 | 1.2.11-18.el8_5 |
redhat/zlib-debugsource | <1.2.11-18.el8_5 | 1.2.11-18.el8_5 |
redhat/zlib-devel | <1.2.11-18.el8_5 | 1.2.11-18.el8_5 |
redhat/zlib | <1.2.11-18.el8_5.aa | 1.2.11-18.el8_5.aa |
redhat/zlib-debuginfo | <1.2.11-18.el8_5.aa | 1.2.11-18.el8_5.aa |
redhat/zlib-debugsource | <1.2.11-18.el8_5.aa | 1.2.11-18.el8_5.aa |
redhat/zlib-devel | <1.2.11-18.el8_5.aa | 1.2.11-18.el8_5.aa |
redhat/zlib-static | <1.2.11-18.el8_5 | 1.2.11-18.el8_5 |
redhat/zlib-static | <1.2.11-18.el8_5 | 1.2.11-18.el8_5 |
redhat/zlib-static | <1.2.11-18.el8_5 | 1.2.11-18.el8_5 |
redhat/zlib-static | <1.2.11-18.el8_5.aa | 1.2.11-18.el8_5.aa |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of RHSA-2022:1642 is classified as important.
To fix RHSA-2022:1642, you should update to the zlib package version 1.2.11-18.el8_5.
The RHSA-2022:1642 vulnerability affects the zlib package used for lossless data compression.
The CVE associated with RHSA-2022:1642 is CVE-2018-25032.
Not addressing RHSA-2022:1642 could expose systems to risks associated with flaws in data compression processing.