Date: Fri, 5 Aug 2022 11:48:11 -0400 From: Ed Maste <emaste@freebsd.org> To: src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Subject: Re: git: dc3509f1aafc - main - zlib: Fix a bug when getting a gzip header extra field with inflate(). Message-ID: <CAPyFy2C3CtZpXdrpQAjOej5wZsYbmOg%2BHppUVpgiw5rBJRo-HA@mail.gmail.com> In-Reply-To: <202208051334.275DYXuH084110@gitrepo.freebsd.org> References: <202208051334.275DYXuH084110@gitrepo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 5 Aug 2022 at 09:34, Ed Maste <emaste@freebsd.org> wrote: > > The branch main has been updated by emaste: > > URL: https://cgit.FreeBSD.org/src/commit/?id=dc3509f1aafcd966f3dd9226115cf94b691ff3c7 > > commit dc3509f1aafcd966f3dd9226115cf94b691ff3c7 > Author: Mark Adler <fork@madler.net> > AuthorDate: 2022-07-30 22:51:11 +0000 > Commit: Ed Maste <emaste@FreeBSD.org> > CommitDate: 2022-08-05 02:30:20 +0000 > > zlib: Fix a bug when getting a gzip header extra field with inflate(). For reference, this is CVE-2022-37434. Code to demonstrate the flaw is available at https://github.com/ivd38/zlib_overflow Found by "EL of @intevydis"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPyFy2C3CtZpXdrpQAjOej5wZsYbmOg%2BHppUVpgiw5rBJRo-HA>