[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: zlib security flaw?

From: Mark Phippard <MarkP_at_softlanding.com>
Date: 2005-07-07 15:22:31 CEST

Mark Phippard <MarkP@softlanding.com> wrote on 07/07/2005 09:18:55 AM:

> Does anyone know any details about this?
> The article was posted last night and is on their front page. However,
> the problem sounds exactly like the problem fixed in zlib 1.2.2. Did
> eWeek just pick up an old story or is there a new bug? I do not see a
> version of zlib, but the article does say that the fix is not posted
> Since new Windows binaries will soon be posted, as well as a new version

> of TortoiseSVN, we should probably clear this up so that if there is a
> it is included.

Sorry. I should have used Google instead of just searching at CERT. It
looks like it is a real, new bug.


Even though I do not think a Subversion client would be particularly
vulnerable to this problem, we should probably hold any Windows releases
until there is a fix since zlib is linked statically in the Windows


Scanned for SoftLanding Systems, Inc. by IBM Email Security Management Services powered by MessageLabs.

To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Jul 7 15:23:58 2005

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.