[ https://issues.apache.org/jira/browse/ARROW-16078?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kouhei Sutou resolved ARROW-16078. ---------------------------------- Resolution: Fixed Issue resolved by pull request 12760 [https://github.com/apache/arrow/pull/12760] > [C++] Upgrade bundled zlib to 1.2.12 > ------------------------------------ > > Key: ARROW-16078 > URL: https://issues.apache.org/jira/browse/ARROW-16078 > Project: Apache Arrow > Issue Type: Bug > Components: C++ > Reporter: Yibo Cai > Assignee: Yibo Cai > Priority: Major > Labels: pull-request-available > Fix For: 8.0.0, 7.0.1 > > Time Spent: 20m > Remaining Estimate: 0h > > From latets NVD report [https://nvd.nist.gov/vuln/detail/CVE-2018-25032] > zlib before 1.2.12 allows memory corruption when deflating (i.e., when > compressing) if the input has many distant matches. -- This message was sent by Atlassian Jira (v8.20.1#820001)