On 12.01.2017 22:39, Jeff Law wrote:
> On 01/12/2017 02:26 PM, Matthias Klose wrote:
>> On 12.01.2017 22:17, Jeff Law wrote:
>>> On 01/05/2017 07:45 AM, Matthias Klose wrote:
>>>> These are the changes updating zlib from 1.2.8 to 1.2.10. It is only used
>>>> building without a system zlib. The new release includes fixes for
>>>> issues CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843.
>>>> Checked with a build with disabled system-zlib. Ok for the trunk?
>>> Were there any changes that we needed to carry forward or any changes you
>>> to make to the upstream sources?
>> I backed out the changes to the configure* and Makefile* changes (and only
>> these), which are completely different to zlib upstream. There are no
>> additions/deletions to zlib source files, so these build changes still work
>> the updated zlib.
> One more note. I think that, in general, backing out local changes which
> have a strong need to be carried forward is absolutely the right thing to do.
> The less hacking we do on these libraries we pull from other sources, the
> better, IMHO.
agreed, except for the build system (and a locally fixed typo in zlib's
ChangeLog), everything applied cleanly.
Please import it into the binutils-gdb repository.