[jdk11u-dev] RFR: 8295530: Update Zlib Data Compression Library to Version 1.2.13
Stewart X Addison
duke at openjdk.org
Wed Mar 1 15:21:42 UTC 2023
Backporting zlib 1.2.13 from JDK17u due to https://nvd.nist.gov/vuln/detail/CVE-2022-37434 (9.8 CVSS score)
Tested on Windows which is generally the only platform I use which uses bundled zlib. This makes the `zlib` directory in the source identical to the one for JDK17u so should not cause any problems. I'll look at the feasibility of doing the same on JDK8 too.
Reviewed-by: alanb, jpai
-------------
Commit messages:
- 8295530: Update Zlib Data Compression Library to Version 1.2.13
Changes: https://git.openjdk.org/jdk11u-dev/pull/1788/files
Webrev: https://webrevs.openjdk.org/?repo=jdk11u-dev&pr=1788&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8295530
Stats: 11195 lines in 24 files changed: 9975 ins; 274 del; 946 mod
Patch: https://git.openjdk.org/jdk11u-dev/pull/1788.diff
Fetch: git fetch https://git.openjdk.org/jdk11u-dev pull/1788/head:pull/1788
PR: https://git.openjdk.org/jdk11u-dev/pull/1788
More information about the jdk-updates-dev
mailing list