*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Marc Deslauriers (mdeslaur):
The included gzip version is quite old (version 1.2.4) and has several security vulnerabilities. Check http://web.nvd.nist.gov/view/vuln/search- results?adv_search=true&cves=on&cpe_version=cpe:/a:gnu:gzip:1.2.4 for example. I explicitly checked for CVE-2001-1228, which was not fixed by a patch in the klibc package, so I assume the other vulnerabilities are not fixed either. I think it would be a good idea to update the included gzip to a current version. ** Affects: klibc (Ubuntu) Importance: Undecided Status: New -- Included gzip 1.2.4 has several vulnerabilities https://bugs.launchpad.net/bugs/1358762 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
