Great to see audits of widely used code! Gzip next? Sam James <[email protected]> writes:
> * ZLB-01-001 WP2: Heap Buffer Overflow via Legacy gzprintf Implementation > (High) That vulnerability seems to require that zlib was built with -DNO_vsnprintf -DNO_snprintf, targetting a system lacking 'snprintf'. Does anyone know of a real-world environment using that configuration? I don't see the applicability discussed in the report, and before assigning a severity rating to this problem, I think it is relevant to understand what environments really are affected. /Simon
signature.asc
Description: PGP signature
