First published: Wed May 11 2022(Updated: )
The zlib packages provide a general-purpose lossless data compression library that is used by many different programs.<br>Security Fix(es):<br><li> zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/zlib | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/minizip | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/minizip | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/minizip-devel | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/minizip-devel | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/zlib | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/zlib-debuginfo | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/zlib-debuginfo | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/zlib-devel | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/zlib-devel | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/zlib-static | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/zlib-static | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/minizip | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/minizip-devel | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/zlib | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/zlib-debuginfo | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/zlib-devel | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
redhat/zlib-static | <1.2.7-20.el7_9 | 1.2.7-20.el7_9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of RHSA-2022:2213 is considered important due to the security flaw in the zlib library affecting data compression.
To fix RHSA-2022:2213, update the affected zlib and related packages to version 1.2.7-20.el7_9.
RHSA-2022:2213 affects the zlib, minizip, and minizip-devel packages in versions prior to 1.2.7-20.el7_9.
RHSA-2022:2213 addresses CVE-2018-25032, a flaw found when compressing specific inputs using the zlib library.
There is no specific workaround for RHSA-2022:2213; it is recommended to apply the updates to mitigate the vulnerability.