[Python-Dev] zlib 1.2.3 is just out

Scott David Daniels Sat, 23 Jul 2005 04:33:59 -0700

Note zlib 1.2.3 is just out -- the zlib compression/decompression

     http://www.zlib.net/


 From the page:
     Version 1.2.3 eliminates potential security vulnerabilities in zlib
     1.2.1 and 1.2.2, so all users of those versions should upgrade
     immediately. The following important fixes are provided in
     zlib 1.2.3 over 1.2.1 and 1.2.2:

     * Eliminate a potential security vulnerability when decoding
       invalid compressed data
     * Eliminate a potential security vulnerability when decoding
       specially crafted compressed data
     * Fix a bug when decompressing dynamic blocks with no distance codes
     * Fix crc check bug in gzread() after gzungetc()
     * Do not return an error when using gzread() on an empty file

I'd guess this belongs in 2.5, with a possible retrofit for 2.4.

--Scott David Daniels
[EMAIL PROTECTED]

_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

[Python-Dev] zlib 1.2.3 is just out

Reply via email to