[Python-bugs-list] [ python-Bugs-771408 ] bzip2 and zlib need update: security flaws
SourceForge.net
noreply@sourceforge.net
Tue, 15 Jul 2003 07:09:01 -0700
Bugs item #771408, was opened at 2003-07-15 01:49
Message generated for change (Comment added) made by tim_one
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=105470&aid=771408&group_id=5470
Category: Python Library
Group: Python 2.3
Status: Open
Resolution: None
Priority: 5
Submitted By: Scott David Daniels (scott_daniels)
Assigned to: Nobody/Anonymous (nobody)
Summary: bzip2 and zlib need update: security flaws
Initial Comment:
I note that both zlib and bzip2 have newer versions
purporting to fix security problems (buffer overrun
possibilities). They each suggest upgrading if you are
using the libraries.
I'm not certain how the packaging goes, but I suspect
the Windows install includes these packages while
the other reference them. Unfortunately, I am out of
my depth in determining where to look and/or update.
I thought I'd just point out this announcement, and hope
someone who knows the vagaries of packagin is listening.
The latest version that are being looked for (and the
home page for the package):
http://www.gzip.org/zlib/ 1.1.4
http://sources.redhat.com/bzip2/ 1.0.2
-Scott David Daniels
----------------------------------------------------------------------
>Comment By: Tim Peters (tim_one)
Date: 2003-07-15 10:09
Message:
Logged In: YES
user_id=31435
Python 2.3a1 already used zlib 1.1.4 last year -- see the
Python NEWS file.
Don't know about bz2.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=105470&aid=771408&group_id=5470