[NOTE: to make the spambot happy, here are "sql" and "query"]
Hi This is an automated mail I'm sending to all vendors, developers, maintainers, etc. of software I use that, apparently, links statically to the compression library "zlib", or to any library that depends from it (f.e. libzip, libpng, libmng, etc.). A serious bug in the deflate algorythm implementation has been found that could lead to heap corruption in response to carefully crafted bogus inflated data, corruption that in turn can be exploited by external attackers for a wide array of remote attacks, including arbitrary code execution, if the affected software is used for a public service on the Internet, or to handle files received by e-mail, or published on the Web or Usenet Zlib has been updated to correct the bug, all vendors should update their products to this release of zlib the soonest possible If you have already been informed of this and/or are already taking appropriate actions, or if this doesn't apply to your product, or if you no longer maintain, or never have maintained the software in question, or if you don't officially maintain this particular version of the product, or if you don't maintain the Win32 binary distribution, please disregard my message, and sorry for the wasted bandwidth. In any case, I'll send no further unsolicited mail on the topic Full information on the bug can be found in the related CERT advisory: http://www.kb.cert.org/vuls/id/368819 The updated zlib can be downloaded from its home page: http://www.gzip.org/zlib/ Thanks for the attention. Best regards, KJK::Hyperion --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
