Zandronum Chat @ irc.zandronum.com
#zandronum
Get the latest version: 3.0
Source Code

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0003297Doomseeker[All Projects] Suggestionpublic2017-10-08 02:192017-10-08 02:20
ReporterWubTheCaptain 
Assigned To 
PrioritynormalSeverityexploitReproducibilityhave not tried
StatusnewResolutionopen 
PlatformOSOS Version
Product Version1.1 
Target VersionFixed in Version 
Summary0003297: Update bundled zlib 1.2.7 dependency
DescriptionDoomseeker source bundles a private fork of zlib 1.2.7.

I propose it to be updated to a recent version.
Additional InformationThe README file incorrectly suggests the bundled zlib dependency version to be 1.2.5.

Suggested downstream by Gentoo GNU/Linux:https://wiki.gentoo.org/wiki/Why_not_bundle_dependencies#What_to_do_upstream [^]

Quote from Gentoo Wiki
When keeping dependency D bundled make sure to follow the upstream of D closely and update your copy to a recent version of D on every minor (and major) release to at least reduce the damage done to people using your bundled version a little.


Current release available is zlib 1.2.11.http://zlib.net/ [^]

Note: Vulnerabilities were discovered in zlib 1.2.8 (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843). Pre-cautionary exploit severity.
Attached Files

- Relationships
related to 0003238closed Split Doomseeker's build dependencies off source archive distribution, distribute seperately 

-  Notes
There are no notes attached to this issue.

Issue Community Support
Only registered users can voice their support. Click here to register, or here to log in.
Supporters: No one explicitly supports this issue yet.
Opponents: No one explicitly opposes this issue yet.

- Issue History
Date Modified Username Field Change
2017-10-08 02:19 WubTheCaptain New Issue
2017-10-08 02:20 WubTheCaptain Relationship added related to 0003238






Questions or other issues? Contact Us.

Links


Copyright © 2000 - 2017 MantisBT Team
Powered by Mantis Bugtracker