Issue 47194: Upgrade to zlib v1.2.12 in CPython binary releases
Created on 2022-04-01 19:25 by gregory.p.smith, last changed 2022-04-11 14:59 by admin.
| Pull Requests | |||
|---|---|---|---|
| URL | Status | Linked | Edit |
| PR 32241 | merged | zach.ware, 2022-04-01 20:00 | |
| PR 32248 | merged | miss-islington, 2022-04-02 13:11 | |
| PR 32249 | merged | miss-islington, 2022-04-02 13:11 | |
| PR 32250 | open | miss-islington, 2022-04-02 13:11 | |
| PR 32251 | merged | miss-islington, 2022-04-02 13:11 | |
| Messages (5) | |||
|---|---|---|---|
| msg416510 - (view) | Author: Gregory P. Smith (gregory.p.smith) *  |
Date: 2022-04-01 19:25 | |
zlib v1.2.11 as used in Windows binary releases contains a security issue that, while fixed in its git repo years ago, never wound up in a release or a CVE until just now. Folllow the https://www.openwall.com/lists/oss-security/2022/03/24/1 thread and the and recently assigned CVE-2018-25032. I believe we only ship our own zlib on Windows so this issue is tagged as such. The above oss-security thread is where an idea of severity will come out. |
|||
| msg416552 - (view) | Author: Steve Dower (steve.dower) * |
Date: 2022-04-02 13:10 | |
New changeset 6066739ff7794e54c98c08b953a699cbc961cd28 by Zachary Ware in branch 'main': bpo-47194: Update zlib to v1.2.12 on Windows to resolve CVE-2018-25032 (GH-32241) https://github.com/python/cpython/commit/6066739ff7794e54c98c08b953a699cbc961cd28 |
|||
| msg416555 - (view) | Author: miss-islington (miss-islington) | Date: 2022-04-02 13:37 | |
New changeset 0f0f85e9d8088eb789cda35477900df32adff546 by Miss Islington (bot) in branch '3.9': bpo-47194: Update zlib to v1.2.12 on Windows to resolve CVE-2018-25032 (GH-32241) https://github.com/python/cpython/commit/0f0f85e9d8088eb789cda35477900df32adff546 |
|||
| msg416556 - (view) | Author: miss-islington (miss-islington) | Date: 2022-04-02 13:39 | |
New changeset 16a809ffb7af14898ce9ec8165960d96cbcd4ec3 by Miss Islington (bot) in branch '3.10': bpo-47194: Update zlib to v1.2.12 on Windows to resolve CVE-2018-25032 (GH-32241) https://github.com/python/cpython/commit/16a809ffb7af14898ce9ec8165960d96cbcd4ec3 |
|||
| msg416651 - (view) | Author: Ned Deily (ned.deily) * |
Date: 2022-04-04 03:27 | |
New changeset 387f93c156288c170ff0016a75af06e109d48ee1 by Miss Islington (bot) in branch '3.7': bpo-47194: Update zlib to v1.2.12 on Windows to resolve CVE-2018-25032 (GH-32241) (GH-32251) https://github.com/python/cpython/commit/387f93c156288c170ff0016a75af06e109d48ee1 |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:59:58 | admin | set | github: 91350 |
| 2022-04-04 03:27:26 | ned.deily | set | messages: + msg416651 |
| 2022-04-02 13:39:10 | miss-islington | set | messages: + msg416556 |
| 2022-04-02 13:37:56 | miss-islington | set | messages: + msg416555 |
| 2022-04-02 13:11:24 | miss-islington | set | pull_requests: + pull_request30322 |
| 2022-04-02 13:11:17 | miss-islington | set | pull_requests: + pull_request30321 |
| 2022-04-02 13:11:09 | miss-islington | set | pull_requests: + pull_request30320 |
| 2022-04-02 13:11:04 | miss-islington | set | nosy:
+ miss-islington pull_requests: + pull_request30319 |
| 2022-04-02 13:10:27 | steve.dower | set | messages: + msg416552 |
| 2022-04-01 20:00:10 | zach.ware | set | keywords:
+ patch stage: needs patch -> patch review pull_requests: + pull_request30312 |
| 2022-04-01 19:25:42 | gregory.p.smith | create | |