[Bug gdb/29467] New: CVE-2018-25032 : Memory corruption when deflating if the input has many distant matches

public inbox for gdb-prs@sourceware.org
help / color / mirror / Atom feed

From: "vishnu.sarath at ashling dot com" <sourceware-bugzilla@sourceware.org>
To: gdb-prs@sourceware.org
Subject: [Bug gdb/29467] New: CVE-2018-25032 : Memory corruption when deflating if the input has many distant matches
Date: Wed, 10 Aug 2022 14:18:33 +0000	[thread overview]
Message-ID: <bug-29467-4717@http.sourceware.org/bugzilla/> (raw)

https://sourceware.org/bugzilla/show_bug.cgi?id=29467

            Bug ID: 29467
           Summary: CVE-2018-25032 : Memory corruption when deflating if
                    the input has many distant matches
           Product: gdb
           Version: 12.1
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: gdb
          Assignee: unassigned at sourceware dot org
          Reporter: vishnu.sarath at ashling dot com
  Target Milestone: ---

Hi,

The latest version of GDB : 12.1 uses the zlib version 1.2.11 which is having
the CVE : CVE-2018-25032 open. This CVE seems to be fixed in the zlib version
1.2.12. Can we start using the new version of zlib from next release version of
ARM GDB?

Thanks,
Vishnu

-- 
You are receiving this mail because:
You are on the CC list for the bug.

next             reply	other threads:[~2022-08-10 14:18 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-08-10 14:18 vishnu.sarath at ashling dot com [this message]
2022-08-10 14:20 ` [Bug gdb/29467] " vishnu.sarath at ashling dot com
2022-11-22 13:07 ` ginoks at gmail dot com
2022-11-22 14:21 ` vries at gcc dot gnu.org
2022-11-22 14:22 ` vries at gcc dot gnu.org
2022-11-22 17:41 ` tromey at sourceware dot org

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=bug-29467-4717@http.sourceware.org/bugzilla/ \
    --to=sourceware-bugzilla@sourceware.org \
    --cc=gdb-prs@sourceware.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).