From https://github.com/madler/zlib/commit/5c44459c3b28a9bd3283aaceab7c615f8020c531: "This bug was reported by Danilo Ramos of Eideticom, Inc. It has lain in wait 13 years before being found! The bug was introduced in zlib 1.2.2.2, with the addition of the Z_FIXED option. That option forces the use of fixed Huffman codes. For rare inputs with a large number of distant matches, the pending buffer into which the compressed data is written can overwrite the distance symbol table which it overlays. That results in corrupted output due to invalid distances, and can result in out-of-bound accesses, crashing the application. The fix here combines the distance buffer and literal/length buffers into a single symbol buffer. Now three bytes of pending buffer space are opened up for each literal or length/distance pair consumed, instead of the previous two bytes. This assures that the pending buffer cannot overwrite the symbol table, since the maximum fixed code compressed length/distance is 31 bits, and since there are four bytes of pending space for every three bytes of symbol space."
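An added worked example of the arithmetic in the quoted commit message (not code from zlib or from this bug): it models the compressed-output writer chasing the symbol-table reader inside one shared buffer, once with two bytes of symbol space freed per symbol consumed and once with three. Assumptions not stated on this page: the symbol table starts n bytes into a 4*n-byte buffer, a block holds at most n-1 symbols, every symbol is a worst-case 31-bit pair, output is counted in whole bytes, and the names `first_clobbered` and `n` are hypothetical.

```c
#include <stdio.h>

/* Worst case taken from the commit message: every symbol is a
   length/distance pair that costs 31 bits with fixed Huffman codes. */
#define MAX_PAIR_BITS 31L
#define HEADER_BITS 3L   /* deflate block header: BFINAL + BTYPE */

/* Model (assumed layout): one buffer of 4*n bytes. Compressed output is
   written from offset 0; the symbol table starts at offset n and uses
   sym_bytes per symbol. Symbol i is read from its slot, then its bits are
   appended to the output. Returns the first symbol index whose slot was
   already overwritten when it is read, or -1 if the writer never reaches
   the reader. */
long first_clobbered(long n, int sym_bytes)
{
    for (long i = 0; i < n - 1; i++) {   /* assumed: at most n-1 symbols per block */
        /* bytes of output produced by the header and symbols 0..i-1 */
        long written = (HEADER_BITS + MAX_PAIR_BITS * i + 7) / 8;
        /* byte offset of the slot holding symbol i */
        long slot = n + (long)sym_bytes * i;
        if (written > slot)
            return i;
    }
    return -1;
}

int main(void)
{
    long n = 16384;  /* constructed table size, in symbols */
    printf("2 bytes/symbol: first clobbered symbol = %ld\n", first_clobbered(n, 2));
    printf("3 bytes/symbol: first clobbered symbol = %ld\n", first_clobbered(n, 3));
    return 0;
}
```

In this model the two-byte layout is overrun part-way through the block, while the three-byte layout keeps the writer behind the reader for every table size, because 31 bits is less than four bytes and the writer starts n bytes behind.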
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d55f1223957344dd8aaa16d5f609b46d7d2b598e

commit d55f1223957344dd8aaa16d5f609b46d7d2b598e
Author: Sam James <sam@gentoo.org>
AuthorDate: 2022-03-28 06:43:11 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2022-03-28 06:43:26 +0000

    sys-libs/zlib: add 1.2.12

    Bug: https://bugs.gentoo.org/835958
    Signed-off-by: Sam James <sam@gentoo.org>

 sys-libs/zlib/Manifest | 2 +
 sys-libs/zlib/zlib-1.2.12.ebuild | 187 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 189 insertions(+)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cb5eb206b488b495be7cab1bc72526a79d49428b

commit cb5eb206b488b495be7cab1bc72526a79d49428b
Author: Sam James <sam@gentoo.org>
AuthorDate: 2022-03-28 06:50:42 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2022-03-28 06:51:20 +0000

    sys-libs/zlib: unkeyword 1.2.12

    Checking something...

    Bug: https://bugs.gentoo.org/835958
    Signed-off-by: Sam James <sam@gentoo.org>

 sys-libs/zlib/zlib-1.2.12.ebuild | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5e2bd29b39d577e88ecf6bc0752cd50c56ea6411

commit 5e2bd29b39d577e88ecf6bc0752cd50c56ea6411
Author: Sam James <sam@gentoo.org>
AuthorDate: 2022-03-28 07:28:51 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2022-03-28 07:29:30 +0000

    sys-libs/zlib: revbump 1.2.12 for configure fix

    For me, it silently installed no 32-bit lib (or tried to build it statically, which then didn't get installed), so let's be cautious. Still unkeyworded until later though.

    Bug: https://bugs.gentoo.org/835958
    Bug: https://bugs.gentoo.org/836308
    Fixes: 0a91cef90a3879f5fe3763a01c0f37c336bd1a6c
    Signed-off-by: Sam James <sam@gentoo.org>

 sys-libs/zlib/{zlib-1.2.12.ebuild => zlib-1.2.12-r1.ebuild} | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=cd0a0f16ebdc4cf2d18378213d8476aeb42ff810

commit cd0a0f16ebdc4cf2d18378213d8476aeb42ff810
Author: Sam James <sam@gentoo.org>
AuthorDate: 2022-03-29 01:59:47 +0000
Commit: Sam James <sam@gentoo.org>
CommitDate: 2022-03-29 02:00:40 +0000

    sys-libs/zlib: keyword 1.2.12-r1

    Issues are fixed now. Nothing else has come up other than the now-fixed CC-configure issue.

    Bug: https://bugs.gentoo.org/835958
    Signed-off-by: Sam James <sam@gentoo.org>

 sys-libs/zlib/files/zlib-1.2.12-fix-CC-logic-in-configure.patch | 6 ++++--
 sys-libs/zlib/zlib-1.2.12-r1.ebuild | 2 +-
 2 files changed, 5 insertions(+), 3 deletions(-)
Request filed
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=19befd853907b89ff1a5ea81ae63b19dbb1d7655

commit 19befd853907b89ff1a5ea81ae63b19dbb1d7655
Author: GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-10-31 20:36:54 +0000
Commit: John Helmert III <ajak@gentoo.org>
CommitDate: 2022-10-31 20:37:38 +0000

    [ GLSA 202210-42 ] zlib: Multiple vulnerabilities

    Bug: https://bugs.gentoo.org/835958
    Bug: https://bugs.gentoo.org/863851
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202210-42.xml | 44 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
GLSA released, all done!