Re: git: dc3509f1aafc - main - zlib: Fix a bug when getting a gzip header extra field with inflate().

From: Ed Maste <emaste_at_freebsd.org>
Date: Mon, 08 Aug 2022 16:01:21 UTC

On Fri, 5 Aug 2022 at 11:48, Ed Maste <emaste@freebsd.org> wrote:
>
> On Fri, 5 Aug 2022 at 09:34, Ed Maste <emaste@freebsd.org> wrote:
> >
> > The branch main has been updated by emaste:
> >
> > URL: https://cgit.FreeBSD.org/src/commit/?id=dc3509f1aafcd966f3dd9226115cf94b691ff3c7
> >
> > commit dc3509f1aafcd966f3dd9226115cf94b691ff3c7
> > Author:     Mark Adler <fork@madler.net>
> > AuthorDate: 2022-07-30 22:51:11 +0000
> > Commit:     Ed Maste <emaste@FreeBSD.org>
> > CommitDate: 2022-08-05 02:30:20 +0000
> >
> >     zlib: Fix a bug when getting a gzip header extra field with inflate().
>
> For reference, this is CVE-2022-37434. Code to demonstrate the flaw is
> available at https://github.com/ivd38/zlib_overflow
> Found by "EL of @intevydis"

And there's an issue reported with the change, details at
https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1

I'll MFC this once this is sorted out and fixed in main.