4 ignored security issues in jessie

package:
zlib
severity:
low
created:
2016-12-06
last updated:
2018-06-02

There are 4 open security issues in jessie.
4 issues skipped by the security teams:
  • CVE-2016-9841: inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
  • CVE-2016-9840: inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.
  • CVE-2016-9842: The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.
  • CVE-2016-9843: The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.
Please fix them.