zlib 1.2.3 has been released by Ken Mays at Blastwave.org
A buffer overflow security flaw in zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream, as demonstrated using a crafted PNG file.
See CAN-2005-2096 for details.
An official patch from the zlib project has been released.
Version 1.2.3 eliminates potential security vulnerabilities in zlib 1.2.1 and 1.2.2, so all users of those versions should upgrade immediately. The following important fixes are provided in zlib 1.2.3 over 1.2.1 and 1.2.2:
- Eliminate a potential security vulnerability when decoding invalid compressed data
- Eliminate a potential security vulnerability when decoding specially crafted compressed data
- Fix a bug when decompressing dynamic blocks with no distance codes
- Fix crc check bug in gzread() after gzungetc()
- Do not return an error when using gzread() on an empty file
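
To act on the upgrade advice above, the following added example (not part of the announcement or of zlib) checks which zlib a Python process was built against and which one it actually loaded. The affected range, 1.2.0 up to but not including 1.2.3, is taken from the text above; the helper names and the sample strings are constructed for illustration.

```python
import re
import zlib

FIRST_AFFECTED = (1, 2, 0)  # "zlib 1.2 and later", per the announcement
FIXED = (1, 2, 3)           # release carrying the fixes, per the announcement


def parse_version(text):
    """Return the leading dotted-numeric part of a version string as a tuple."""
    m = re.match(r"\d+(?:\.\d+)*", text.strip())
    if not m:
        raise ValueError(f"unrecognised zlib version: {text!r}")
    parts = [int(p) for p in m.group(0).split(".")]
    parts += [0] * (3 - len(parts))  # pad "1.2" to (1, 2, 0)
    return tuple(parts)


def needs_upgrade(text):
    """True if the version falls in the range the announcement says to upgrade."""
    # Compare numerically: as plain strings "1.2.11" sorts before "1.2.3",
    # which would wrongly flag a much newer release.
    return FIRST_AFFECTED <= parse_version(text) < FIXED


def report():
    """Check the build-time and run-time zlib of this interpreter.

    The two can differ when the shared library was replaced after the
    interpreter was built, so both are reported.
    """
    found = {
        "compiled against": zlib.ZLIB_VERSION,
        "loaded at run time": zlib.ZLIB_RUNTIME_VERSION,
    }
    return {label: (ver, needs_upgrade(ver)) for label, ver in found.items()}


if __name__ == "__main__":
    for label, (ver, bad) in report().items():
        print(f"{label}: {ver} -> {'UPGRADE' if bad else 'ok'}")
    # Constructed sample strings, e.g. as collected from a package inventory.
    for sample in ("1.1.4", "1.2", "1.2.1", "1.2.2", "1.2.3", "1.2.11"):
        print(f"{sample}: {'UPGRADE' if needs_upgrade(sample) else 'ok'}")
```

The run-time value is the one that matters for exposure, since it reflects the library that is actually decoding data in the process.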