Zlib 1.2.3 Released
Posted by Sachin Garg on 22nd July 2005 | Permanent Link
Mark Adler recently announced the latest release of popular data-compression library ZLib.
Fellow Compressors,
zlib 1.2.3 has been released, and can be found here:
This version, among other enhancements and improvements, remedies a
buffer overflow security vulnerability, so all users of zlib 1.2.1 or
zlib 1.2.2 should upgrade. Full details of the changes can be found in
the ChangeLog file in the source distribution.Mark Adler
Version 1.2.3 eliminates potential security vulnerabilities in zlib 1.2.1 and 1.2.2, so all users of those versions should upgrade immediately. The following important fixes are provided in zlib 1.2.3 over 1.2.1 and 1.2.2:
- Eliminate a potential security vulnerability when decoding invalid compressed data
- Eliminate a potential security vulnerability when decoding specially crafted compressed data
- Fix a bug when decompressing dynamic blocks with no distance codes
- Fix crc check bug in gzread() after gzungetc()
- Do not return an error when using gzread() on an empty file
View the complete ChangeLog here.