RLSA-2022:1537
See a problem?- Import Source
- https://storage.googleapis.com/resf-osv-data/RLSA-2022:1537.json
- JSON Data
- https://api.osv.dev/v1/vulns/RLSA-2022:1537
- Related
- Published
- 2022-04-26T09:54:04Z
- Modified
- 2023-02-02T12:52:11.974013Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Important: gzip security update
- Details
-
The gzip packages contain the gzip (GNU zip) data compression utility. gzip is used to compress regular files. It replaces them with files containing the .gz extension, while retaining ownership modes, access, and modification times.
Security Fix(es):
- gzip: arbitrary-file-write vulnerability (CVE-2022-1271)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- References
- Credits
-
-
- Rocky Enterprise Software Foundation
-
- Red Hat
-
Affected packages
Rocky Linux:8 / gzip
Package
- Name
- gzip
- Purl
- pkg:rpm/rocky-linux/gzip?distro=rocky-linux-8-6-legacy&epoch=0