Some of you may have heard news about the "double free" bug in the zlib 
libraries that many Linux programs use:

There is a quote on the Redhat errata page that got me thinking:

"Additionally, if you have any programs that you have compiled yourself,
you should check to see if they use zlib. If they link to the shared
zlib library then they will not be vulnerable once the shared zlib
library is updated to the errata package. However, if any programs that
decompress arbitrary data statically link to zlib or use their own version
of the zlib code internally, then they need to be patched or
recompiled. "

I remember having to compile PHP 4.1.2 using "--with-zlib"....but I don't 
know enough about it to say whether or not PHP statically links to the zlib 
or dynamically...

Does anyone here know?  After I patch the zlib libraries should I recompile 

Thanks in advance...

PHP General Mailing List (
To unsubscribe, visit:

Reply via email to