Closed
Bug 1796811
Opened 2 years ago
Closed 2 years ago
Update zlib to version 1.2.13
Categories
(Core :: General, task)
Core
General
Tracking
()
RESOLVED
FIXED
108 Branch
| Tracking | Status | |
|---|---|---|
| firefox108 | --- | fixed |
People
(Reporter: RyanVM, Assigned: RyanVM)
References
Details
Attachments
(2 files)
Version 1.2.13 has these key updates from 1.2.12:
- Fix a bug when getting a gzip header extra field with inflateGetHeader(). This remedies CVE-2022-37434.
- Fix a bug in block type selection when Z_FIXED used. Now the smallest block type is selected, for better compression.
- Fix a configure issue that discarded the provided CC definition.
- Correct incorrect inputs provided to the CRC functions. This mitigates a bug in Java.
- Repair prototypes and exporting of the new CRC functions.
- Fix inflateBack to detect invalid input with distances too far.
|
Assignee | |
Comment 1•2 years ago
|
||
Worth noting that we've already previously investigated CVE-2022-37434 and determined that Firefox isn't affected by it.
|
|
Assignee | |
Comment 2•2 years ago
|
||
|
|
Assignee | |
Comment 3•2 years ago
|
||
|
|
Assignee | |
Comment 4•2 years ago
|
||
Depends on D159950
|
|
Assignee | |
Updated•2 years ago
|
Summary: Update in-tree zlib to version 1.2.13 → Update zlib to version 1.2.13
Pushed by rvandermeulen@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/4dbff747acd9
Update in-tree zlib to version 1.2.13. r=aosmond
https://hg.mozilla.org/integration/autoland/rev/76b6f0105897
Upgrade zlib to 1.2.13 for NSIS. r=glandium
|
||
Comment 6•2 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/4dbff747acd9
https://hg.mozilla.org/mozilla-central/rev/76b6f0105897
Status: NEW → RESOLVED
Closed: 2 years ago
status-firefox108:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 108 Branch
You need to log in
before you can comment on or make changes to this bug.
Description
•