Patched zlib security hole discussed here:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096
--- a/CHANGELOG Wed Jul 13 15:06:21 2005 +0000
+++ b/CHANGELOG Wed Jul 13 15:10:00 2005 +0000
@@ -2,7 +2,8 @@
* CHANGELOG.
*/
-07132005 - Updated zlib to 1.2.2.
+07132005 - Updated zlib to 1.2.2, and patched it for this security hole:
+ http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096
06122005 - Added support for mingw to Unix build process (thanks, Matze!).
03162005 - Added missing translation and Portuguese support (thanks, Danny!).
MPW support and several MacOS Classic fixes (thanks, Chris!).
--- a/zlib122/inftrees.c Wed Jul 13 15:06:21 2005 +0000
+++ b/zlib122/inftrees.c Wed Jul 13 15:10:00 2005 +0000
@@ -134,7 +134,7 @@
left -= count[len];
if (left < 0) return -1; /* over-subscribed */
}
- if (left > 0 && (type == CODES || (codes - count[0] != 1)))
+ if (left > 0 && (type == CODES || max != 1))
return -1; /* incomplete set */
/* generate offsets into symbol table for each length for sorting */