News

SSH Communications Security >> http://www.ssh.com
======================================================

[zlib Security Vulnerability Does Not Affect SSH Tectia Products]
< July 12, 2005 >

======================================================

DESCRIPTION

A new security vulnerability has been discovered on July 10, 2005 in the zlib libraries in which specially crafted input files can cause inflate to overwrite memory that follows the internal inflate state. This can cause the application to crash depending on what is overwritten. This vulnerability only affects versions 1.2.1 and 1.2.2. of zlib. Earlier zlib versions, e.g. 1.1.4, are not affected.

Source: http://www.zlib.net/ (retrieved July 12, 2005)

AFFECTED PRODUCTS

SSH Tectia products ARE NOT AFFECTED since none of the SSH Tectia software distributions use vulnerable versions of the zlib library.



======================================================
# SSH Security Alert Mailing List #
----------------------------------------------------
This e-mail has been sent to the users of SSH products and others who have been in contact with us in the past and who have agreed that we send you security alerts.
To unsubscribe from the mailing list, send a blank e-mail to ssh-news-alert-unsubscribe@lists.ssh.com from the e-mail account you wish to unsubscribe, or visit
http://www.ssh.com/company/newsroom/unsubscribe.mpl .
======================================================

Sincerely,

SSH Communications Security >> http://www.ssh.com

© 2005 SSH Communications Security Corp. All rights reserved. ssh® is a registered trademark of SSH Communications Security Corp in the United States and in certain other jurisdictions. All other names and marks are property of their respective owners.