Ubuntu
zlib package

  1. Bug #1729414
  2. Activity log

Activity log for bug #1729414

Date Who What changed Old value New value Message
2017-11-01 19:18:10 Ryan Fisher bug added bug
2017-11-01 19:19:40 Ryan Fisher bug added subscriber Ubuntu Security Team
2017-11-01 19:28:45 Ryan Fisher tags trusty
2017-11-01 19:28:52 Ryan Fisher description The current package available to 14.04/trusty is 1:1.2.8.dfsg-1ubuntu1 which does not have the upstream fixes for the following CVEs: * CVE-2016-9840 (high) * CVE-2016-9841 (critical) * CVE-2016-9842 (high) * CVE-2016-9843 (critical Being that they are being categorized as such by NIST, it would be very nice to get these fixes backported to Trusty or the most recent version of zlib made available to Trusty. Thanks! The current package available to 14.04/trusty is 1:1.2.8.dfsg-1ubuntu1 which does not have the upstream fixes for the following CVEs: * CVE-2016-9840 (high) (https://nvd.nist.gov/vuln/detail/CVE-2016-9840) * CVE-2016-9841 (critical) (https://nvd.nist.gov/vuln/detail/CVE-2016-9841) * CVE-2016-9842 (high) (https://nvd.nist.gov/vuln/detail/CVE-2016-9842) * CVE-2016-9843 (critical) (https://nvd.nist.gov/vuln/detail/CVE-2016-9843) Being that they are being categorized as such by NIST, it would be very nice to get these fixes backported to Trusty or the most recent version of zlib made available to Trusty. Thanks!
2017-11-01 19:31:43 Hans Joachim Desserud cve linked 2016-9840
2017-11-01 19:31:58 Hans Joachim Desserud cve linked 2016-9841
2017-11-01 19:32:08 Hans Joachim Desserud cve linked 2016-9842
2017-11-01 19:32:17 Hans Joachim Desserud cve linked 2016-9843
2017-11-03 02:07:02 Launchpad Janitor zlib (Ubuntu): status New Confirmed
2017-11-20 21:04:55 Michael Leibowitz tags trusty trusty xenial
2017-11-20 21:05:26 Michael Leibowitz bug added subscriber Michael Leibowitz
2017-11-20 21:33:35 Marc Deslauriers zlib (Ubuntu): importance Undecided Low
2018-01-24 18:30:31 Danny Perez bug added subscriber Danny Perez