[issue47194] Upgrade to zlib v1.2.12 in CPython binary releases

2022-04-03 Thread Ned Deily 


Ned Deily  added the comment:


New changeset 387f93c156288c170ff0016a75af06e109d48ee1 by Miss Islington (bot) 
in branch '3.7':
bpo-47194: Update zlib to v1.2.12 on Windows to resolve CVE-2018-25032 
(GH-32241) (GH-32251)
https://github.com/python/cpython/commit/387f93c156288c170ff0016a75af06e109d48ee1


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue47194] Upgrade to zlib v1.2.12 in CPython binary releases

2022-04-02 Thread miss-islington 


miss-islington  added the comment:


New changeset 16a809ffb7af14898ce9ec8165960d96cbcd4ec3 by Miss Islington (bot) 
in branch '3.10':
bpo-47194: Update zlib to v1.2.12 on Windows to resolve CVE-2018-25032 
(GH-32241)
https://github.com/python/cpython/commit/16a809ffb7af14898ce9ec8165960d96cbcd4ec3


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue47194] Upgrade to zlib v1.2.12 in CPython binary releases

2022-04-02 Thread miss-islington 


miss-islington  added the comment:


New changeset 0f0f85e9d8088eb789cda35477900df32adff546 by Miss Islington (bot) 
in branch '3.9':
bpo-47194: Update zlib to v1.2.12 on Windows to resolve CVE-2018-25032 
(GH-32241)
https://github.com/python/cpython/commit/0f0f85e9d8088eb789cda35477900df32adff546


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue47194] Upgrade to zlib v1.2.12 in CPython binary releases

2022-04-02 Thread miss-islington 


Change by miss-islington :


--
pull_requests: +30322
pull_request: https://github.com/python/cpython/pull/32251

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue47194] Upgrade to zlib v1.2.12 in CPython binary releases

2022-04-02 Thread miss-islington 


Change by miss-islington :


--
pull_requests: +30321
pull_request: https://github.com/python/cpython/pull/32250

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue47194] Upgrade to zlib v1.2.12 in CPython binary releases

2022-04-02 Thread miss-islington 


Change by miss-islington :


--
pull_requests: +30320
pull_request: https://github.com/python/cpython/pull/32249

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue47194] Upgrade to zlib v1.2.12 in CPython binary releases

2022-04-02 Thread miss-islington 


Change by miss-islington :


--
nosy: +miss-islington
nosy_count: 8.0 -> 9.0
pull_requests: +30319
pull_request: https://github.com/python/cpython/pull/32248

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue47194] Upgrade to zlib v1.2.12 in CPython binary releases

2022-04-02 Thread Steve Dower 


Steve Dower  added the comment:


New changeset 6066739ff7794e54c98c08b953a699cbc961cd28 by Zachary Ware in 
branch 'main':
bpo-47194: Update zlib to v1.2.12 on Windows to resolve CVE-2018-25032 
(GH-32241)
https://github.com/python/cpython/commit/6066739ff7794e54c98c08b953a699cbc961cd28


--

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue47194] Upgrade to zlib v1.2.12 in CPython binary releases

2022-04-01 Thread Zachary Ware 


Change by Zachary Ware :


--
keywords: +patch
pull_requests: +30312
stage: needs patch -> patch review
pull_request: https://github.com/python/cpython/pull/32241

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue47194] Upgrade to zlib v1.2.12 in CPython binary releases

2022-04-01 Thread Gregory P. Smith 


New submission from Gregory P. Smith :

zlib v1.2.11 as used in Windows binary releases contains a security issue that, 
while fixed in its git repo years ago, never wound up in a release or a CVE 
until just now.

Folllow the https://www.openwall.com/lists/oss-security/2022/03/24/1 thread and 
the and recently assigned CVE-2018-25032.

I believe we only ship our own zlib on Windows so this issue is tagged as such. 
 The above oss-security thread is where an idea of severity will come out.

--
components: Extension Modules, Windows
messages: 416510
nosy: gregory.p.smith, lukasz.langa, ned.deily, pablogsal, paul.moore, 
steve.dower, tim.golden, zach.ware
priority: release blocker
severity: normal
stage: needs patch
status: open
title: Upgrade to zlib v1.2.12 in CPython binary releases
type: security
versions: Python 3.10, Python 3.11, Python 3.7, Python 3.8, Python 3.9

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com