Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Zlib_jll] Upgrade to v1.2.13 #47174

Merged
merged 2 commits into from
Oct 26, 2022
Merged

[Zlib_jll] Upgrade to v1.2.13 #47174

merged 2 commits into from
Oct 26, 2022

Conversation

giordano
Copy link
Contributor

@giordano giordano commented Oct 15, 2022
edited
Loading

This fixes CVE-2022-37434.

Usual memo to self:

  • update the version number in stdlib/Zlib_jll/Project.toml
  • update the version number in tests stdlib/Zlib_jll/test/runtests.jl
  • update the version number in deps/zlib.version
  • refresh checksums with make -f contrib/refresh_checksums.mk -j zlib

@giordano giordano added building Build system, or building Julia or its dependencies external dependencies Involves LLVM, OpenBLAS, or other linked libraries security System security concerns and vulnerabilities JLLs labels Oct 15, 2022
@PallHaraldsson
Copy link
Contributor

PallHaraldsson commented Oct 16, 2022
edited
Loading

Can and should we dynamically link (or just use, I'm not sure if it's just used like an external program) to system Zlib (IF it's newer)?

I do see USE_SYSTEM_ZLIB and:

Julia bundles the following external programs and libraries:
[..]

@giordano giordano merged commit f4101e9 into JuliaLang:master Oct 26, 2022
@giordano giordano deleted the mg/zlib branch October 26, 2022 00:36
@giordano giordano mentioned this pull request Nov 21, 2022
Merged
simonbyrne added a commit that referenced this pull request Nov 21, 2022
@simonbyrne
update MPFR
138d667 
checksums updated via approach described in #47174.
@simonbyrne simonbyrne mentioned this pull request Nov 21, 2022
Merged
giordano pushed a commit that referenced this pull request Nov 21, 2022
@simonbyrne
update MPFR (#47659)
5996520 
checksums updated via approach described in #47174.
KristofferC pushed a commit that referenced this pull request Nov 28, 2022
@simonbyrne @KristofferC
update MPFR (#47659)
3bc94a9 
checksums updated via approach described in #47174.

(cherry picked from commit 5996520)
@giordano giordano mentioned this pull request Dec 20, 2022
Closed
@giordano giordano mentioned this pull request Oct 10, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
building Build system, or building Julia or its dependencies external dependencies Involves LLVM, OpenBLAS, or other linked libraries JLLs security System security concerns and vulnerabilities
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@giordano @PallHaraldsson