1.4.11 release candidate
wk at gnupg.org
Fri Sep 24 09:53:16 CEST 2010
On Thu, 23 Sep 2010 20:59, lists at michel-messerschmidt.de said:
> On Thu, Sep 23, 2010 at 08:26:19PM +0200, Werner Koch wrote:
>> On Thu, 23 Sep 2010 14:20, war_is_peace at privatdemail.net said:
>> > While you're at it, you might want to update zlib to version 1.2.5 -
>> > looking at the source, it seems that the currently used version is 1.1.4.
>> I see no reason for such an update.
> CVE-2003-0107 ?
That is about a buffer overflow in gzprintf - we don't use those high
level functions. Actually the included zlib code is stripped down to
the bare minimum.
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users