[CDRIVER-4377] Bundled zlib 1.2.11 is outdated and vulnerable Created: 02/May/22  Updated: 28/Oct/23  Resolved: 09/May/22

Status: Closed
Project: C Driver
Component/s: None
Affects Version/s: 1.21.1
Fix Version/s: 1.21.2

Type: Bug Priority: Unknown
Reporter: Agostino Sturaro Assignee: Colby Pike
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related

 Description   

Summary

The bundled version zlib 1.2.11 is outdated and is affected by a known vulnerability.

The changelog of the recently released zlib 1.2.12 recommends to update.
Quote from https://zlib.net/

Due to the bug fixes, any installations of 1.2.11 should be replaced with 1.2.12.

Check this CVE for more info
https://nvd.nist.gov/vuln/detail/CVE-2018-25032



 Comments   
Comment by Githook User [ 15/May/22 ]

Author:

{'name': 'vector-of-bool', 'email': 'vectorofbool@gmail.com', 'username': 'vector-of-bool'}

Message: Update bundled zlib to 1.2.12 (#981)

Comment by Githook User [ 03/May/22 ]

Author:

{'name': 'vector-of-bool', 'email': 'vectorofbool@gmail.com', 'username': 'vector-of-bool'}

Message: Update bundled zlib to 1.2.12 (#981)

Generated at Wed Feb 07 21:20:45 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.