CVE-2022-37434 (https://github.com/ivd38/zlib_overflow): zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). Does mysql-workbench bundle zlib in Gentoo?
(In reply to John Helmert III from comment #0) > Does mysql-workbench bundle zlib in Gentoo? No. In fact, I can't find where or how it would be used. It looks like that is only included in the Windows ebuilds. In any case I've just added mysql-workbench-8.0.32.
(In reply to Hans de Graaff from comment #1) > (In reply to John Helmert III from comment #0) > > > Does mysql-workbench bundle zlib in Gentoo? > > No. In fact, I can't find where or how it would be used. It looks like that > is only included in the Windows ebuilds. Curious! > In any case I've just added mysql-workbench-8.0.32. Thanks! I'll just invalid this bug as we're note affected.