[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Addressing the recent zlib issue

On my system, the following packages contain statically linked copies
of zlib-related code:

  dpkg (zlib version 1.2.2)
  various kernel images (zlib version 1.1.3)
  monotone (probably an independent reimplementation of the algorithm)
  mozilla-browser (zlib version 1.1.4)
  openoffice.org-bin (zlib version 1.1.4, via libmozz)
  rsync (probably version 1.1)
  zsync (zlib version

Is anybody looking at this problem in a systematic manner, or should I
just file bugs on the more likely candidates for a security update
(dpkg and zysnc, based on the list above and assuming that 1.1 is
indeed not affected).

I'll check if I can make available an updated version of find-zlib,
but the old one still seems to work to some extent.

Reply to: