Hi,
Ajayi, Temitope schrieb am 14.12.22 um 17:21:
It seems the version of zlib used in lxml is outdated. It currently shows up as
zlib 1.2.11 instead of zlib 1.2.13 on scan reports and therefore vulnerable to
CVE-2018-25032 and CVE-2022-37434.
Can I get some help on if this is correct or I am doing something wrong?
What lxml version are you using on which operating system? Are you using
pre-built binary wheels or building locally?
The binary wheels of lxml 4.9.2 should be using zlib 1.2.13 on Linux/macOS
and 1.2.12 on Windows.
Stefan
_______________________________________________
lxml - The Python XML Toolkit mailing list -- lxml@python.org
To unsubscribe send an email to lxml-le...@python.org
https://mail.python.org/mailman3/lists/lxml.python.org/
Member address: arch...@mail-archive.com