Addressing the recent zlib issue
On my system, the following packages contain statically linked copies
of zlib-related code:
dpkg (zlib version 1.2.2)
various kernel images (zlib version 1.1.3)
monotone (probably an independent reimplementation of the algorithm)
mozilla-browser (zlib version 1.1.4)
openoffice.org-bin (zlib version 1.1.4, via libmozz)
rsync (probably version 1.1)
zsync (zlib version 220.127.116.11)
Is anybody looking at this problem in a systematic manner, or should I
just file bugs on the more likely candidates for a security update
(dpkg and zysnc, based on the list above and assuming that 1.1 is
indeed not affected).
I'll check if I can make available an updated version of find-zlib,
but the old one still seems to work to some extent.