Menu
Search

Forums

Forum Index

August 08, 2022
Gravatar of bcallah@openbsd.orgPosted by bcallah@openbsd.orgReply
bcallah@openbsd.org
Gravatar of bcallah@openbsd.org


Reply
https://issues.dlang.org/show_bug.cgi?id=23288

          Issue ID: 23288
           Summary: zlib: Fix potential buffer overflow
           Product: D
           Version: D2
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P1
         Component: phobos
          Assignee: nobody@puremagic.com
          Reporter: bcallah@openbsd.org

Hello --

There is a potential buffer overflow in Phobos's built-in zlib.

The fix is here: https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1

However, that fix broke curl, which prompted a further fix: https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d

I have a combined diff prepared.

--