Описание
Security update for zlib
This update for zlib fixes the following issue:
- CVE-2026-27171: Fixed infinite loop via the
crc32_combine64andcrc32_combine_gen64functions due to missing checks for negative lengths (bsc#1258392).
Список пакетов
Container suse/sle-micro/base-5.5:latest
libz1-1.2.13-150500.4.6.1
Container suse/sle-micro/kvm-5.5:latest
libz1-1.2.13-150500.4.6.1
SUSE Linux Enterprise Micro 5.5
libz1-1.2.13-150500.4.6.1
zlib-devel-1.2.13-150500.4.6.1
SUSE Linux Enterprise Module for Basesystem 15 SP7
libminizip1-1.2.13-150500.4.6.1
libz1-1.2.13-150500.4.6.1
libz1-32bit-1.2.13-150500.4.6.1
minizip-devel-1.2.13-150500.4.6.1
zlib-devel-1.2.13-150500.4.6.1
zlib-devel-static-1.2.13-150500.4.6.1
SUSE Linux Enterprise Module for Development Tools 15 SP7
zlib-devel-32bit-1.2.13-150500.4.6.1
openSUSE Leap 15.6
libminizip1-1.2.13-150500.4.6.1
libminizip1-32bit-1.2.13-150500.4.6.1
libz1-1.2.13-150500.4.6.1
libz1-32bit-1.2.13-150500.4.6.1
minizip-devel-1.2.13-150500.4.6.1
zlib-devel-1.2.13-150500.4.6.1
zlib-devel-32bit-1.2.13-150500.4.6.1
zlib-devel-static-1.2.13-150500.4.6.1
zlib-devel-static-32bit-1.2.13-150500.4.6.1
zlib-testsuite-1.2.13-150500.4.6.1
Ссылки
- Link for SUSE-SU-2026:0783-1
- E-Mail link for SUSE-SU-2026:0783-1
- SUSE Security Ratings
- SUSE Bug 1258392
- SUSE CVE CVE-2026-27171 page
Описание
zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition.
Затронутые продукты
Container suse/sle-micro/base-5.5:latest:libz1-1.2.13-150500.4.6.1
Container suse/sle-micro/kvm-5.5:latest:libz1-1.2.13-150500.4.6.1
SUSE Linux Enterprise Micro 5.5:libz1-1.2.13-150500.4.6.1
SUSE Linux Enterprise Micro 5.5:zlib-devel-1.2.13-150500.4.6.1
Ссылки
- CVE-2026-27171
- SUSE Bug 1258392