Security 10814 Published by

IPFire 2.27 - Core Update 166 has been released to address a memory corruption issue in zlib.



IPFire 2.27 - Core Update 166 released

This is the release announcement for IPFire 2.27 - Core Update 166. It fixes  the recently introduced backup issue and patches a security vulnerability in zlib.

zlib memory corruption on DEFLATE

CVE-2018-25032 has been assigned to  an issue that allowed an attacker with some chosen content to crash the compressor. We do not believe that this is exploitable in IPFire.

We urge everyone to install this update as soon as possible and if you enjoy using IPFire, please  donate.



IPFire 2.27 - Core Update 166 released