[jdk11u-dev] RFR: 8295530: Update Zlib Data Compression Library to Version 1.2.13
Paul Hohensee
phh at openjdk.org
Thu Mar 2 18:38:17 UTC 2023
On Wed, 1 Mar 2023 15:12:34 GMT, Stewart X Addison <duke at openjdk.org> wrote:
> Backporting zlib 1.2.13 from JDK17u due to https://nvd.nist.gov/vuln/detail/CVE-2022-37434 (9.8 CVSS score)
> Tested on Windows which is generally the only platform I use which uses bundled zlib. This makes the `zlib` directory in the source identical to the one for JDK17u so should not cause any problems. I'll look at the feasibility of doing the same on JDK8 too.
>
> Reviewed-by: alanb, jpai
Tagged the JBS issue.
-------------
PR: https://git.openjdk.org/jdk11u-dev/pull/1788
More information about the jdk-updates-dev
mailing list