Sigh. Not the file format, not Linux...

Story: Linux Compression Format Flaw Found
Total Replies: 6
dinotrac

Jul 09, 2005
8:33 AM EDT
The flaw is in the code for zlib, caused by a buffer overflow under some circumstances.

Patches are available.

Zlib, BTW, is not Linux and is not even Linux-specific.
sbergman27

Jul 09, 2005
9:45 AM EDT
Dean,

You are just being unfair. While they were not 100% accurate, they did make it very clear that while the zlib open source project had not released a patch, the commercial Linux vendors, such as Debian, FreeBSD, Gentoo, and OpenBSD have already updated their distributions with version-specific fixes.

And very quickly, I might add. After all, when you buy the product instead of freeloading, that's the kind of support you are paying for, right?

-Steve

TxtEdMacs

Jul 09, 2005
1:39 PM EDT
sbergman27 - Debian, FreeBSD and OpenBSD "commercial"!???? Since when? Did they have an IPO last night and I missed bidding? How could I have let that opportunity go by and not buy into the Free Consortium? How? How? ;-)

I have no idea if Gentoo is commercial, but the others are not, though you could buy a boxed set for FreeBSD. Just goes to show you those long haired, bearded, fuzz haired, hippie high school types will beat most commercial types any day of the week!
dinotrac

Jul 09, 2005
1:49 PM EDT
S & T --

Fair, Schmair.

T'ain't a Linux problem. T'ain't, t'ain't, t'ain't.

Other than that, they pretty much got the facts right, but I'm old, I'm broke, and I'm cranky.

So there.
sbergman27

Jul 09, 2005
2:39 PM EDT
TxtEdEmacs,

I'll address your questions in the order presented:

1. Yes. 2. Last night. 3. Yes. 4. Dunno. 5. Ditto. 6. Ditto.

Dean,

OK... OK. So maybe we can blame it on Theo? ;-)

-Steve

AnonymousCoward

Jul 09, 2005
7:27 PM EDT
sbergman27: Dean is right on the money. On top of those listed, MS-Windows machines using the native version of zlib (embedded in how many secret-sauce apps by now? given the licence, the only way you can know for sure is disassembly and examination) and/or CygWin are also vulnerable. Mac OS X also uses zlib in various places.

Definitely unfair to call it a Linux problem.
sbergman27

Jul 10, 2005
12:18 AM EDT
AnonymousCoward,

Speaking seriously for a moment, and just to be clear, I quite agree. In fact, it's not hard to imagine pieces of it having made their way into IE. Blaming it all on Linux was just one mistake in a very confused article.
