Skip to main content.
home | support | download

Back to List Archive

zlib 1.2.2 security fix

From: Peter Karman <karman(at)>
Date: Wed Dec 01 2004 - 22:12:28 GMT
Hadn't heard about this till just now, so thought others should know:

  Current release:

zlib 1.2.2

October 3rd, 2004

Version 1.2.2 eliminates a potential security vulnerability in zlib 
1.2.1, so all users of 1.2.1 should upgrade immediately. The following 
important fixes are provided in zlib 1.2.2:

     * Eliminate a potential security vulnerability when decoding 
invalid compressed data
     * Fix bug when decompressing dynamic blocks with no distance codes
     * Do not return an error when using gzread() on an empty file

Peter Karman  . .  karman(at)
Received on Wed Dec 1 14:12:32 2004