First published: Tue Nov 08 2022(Updated: )
The zlib packages provide a general-purpose lossless data compression library that is used by many different programs.<br>Security Fix(es):<br><li> zlib: A flaw found in zlib when compressing (not decompressing) certain inputs (CVE-2018-25032)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Additional Changes:<br>For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section.
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/mingw-zlib | <1.2.8-10.el8 | 1.2.8-10.el8 |
redhat/mingw32-zlib | <1.2.8-10.el8 | 1.2.8-10.el8 |
redhat/mingw32-zlib-debuginfo | <1.2.8-10.el8 | 1.2.8-10.el8 |
redhat/mingw32-zlib-static | <1.2.8-10.el8 | 1.2.8-10.el8 |
redhat/mingw64-zlib | <1.2.8-10.el8 | 1.2.8-10.el8 |
redhat/mingw64-zlib-debuginfo | <1.2.8-10.el8 | 1.2.8-10.el8 |
redhat/mingw64-zlib-static | <1.2.8-10.el8 | 1.2.8-10.el8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of RHSA-2022:7813 is categorized as moderate due to the potential impact of the flaw in zlib.
To fix RHSA-2022:7813, you should upgrade to the resolved version of the affected zlib packages, specifically version 1.2.8-10.el8.
CVE-2018-25032 is a vulnerability found in zlib that affects its behavior when compressing certain inputs.
The affected packages include mingw-zlib, mingw32-zlib, and mingw64-zlib among others.
Yes, the specific version that addresses RHSA-2022:7813 is 1.2.8-10.el8.