| Revision Date: | 2005-06-13 | Version: | 502 |
| Title: | RHSA-2005:357: gzip security update (Low) |
| Description: | The gzip package contains the GNU gzip data compression program.
A bug was found in the way zgrep processes file names. If a user can be tricked into running zgrep on a file with a carefully crafted file name, arbitrary commands could be executed as the user running zgrep. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0758 to this issue.
A bug was found in the way gunzip modifies permissions of files being decompressed. A local attacker with write permissions in the directory in which a victim is decompressing a file could remove the file being written and replace it with a hard link to a different file owned by the victim. gunzip then gives the linked file the permissions of the uncompressed file. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0988 to this issue.
A directory traversal bug was found in the way gunzip processes the -N flag. If a victim decompresses a file with the -N flag, gunzip fails to sanitize the path which could result in a file owned by the victim being overwritten. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1228 to this issue.
Users of gzip should upgrade to this updated package, which contains backported patches to correct these issues.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | CVE-2005-0758
CVE-2005-0988
CVE-2005-1228
RHSA-2005:357-01
|
| Platform(s): | Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
| Product(s): | |
| Definition Synopsis |
| Release Information Red Hat Enterprise Linux 3 is installed
AND gzip is earlier than 0:1.3.3-12.rhel3
AND gzip is signed with Red Hat master key
OR Package Information
Red Hat Enterprise Linux 4 is installed
AND gzip is earlier than 0:1.3.3-15.rhel4
AND gzip is signed with Red Hat master key
|