zlib bug

Renato Martini rmartini@cipsga.org.br
Thu Mar 14 22:09:01 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160


I read just now the"CERT Advisory CA-2002-07 Double Free Bug in zlib Compression
Library" - CA-2002-07, http://www.cert.org/advisories/CA-2002-07.html.

The GnuPG uses the zlib library (release 1.1.3), and the
systems affected are "any  software  that  is  linked  to
zlib  1.1.3 or earlier", or "data  compression libraries derived from zlib 1.1.3 or
earlier may contain a similar bug".


The gpg is affected by this bug in zlib?
The zlib library inside the GnuPG package or in the CVS will be changed?


best regards

- ---------
  __|_ _| _ \  __|  __|   \    | Renato Martini ::: Diretor Administrativo
 (     |  __/\__ \ (_ |  _ \   | http://www.cipsga.org.br
\___|___|_|  ____/\___|_/  _\  | http://gnupg.unixsecurity.com.br
- -----------------------------------------------------------------------
"O Fantasia, che dei tempi e delle distanze fai il tuo giuoco audace!"
                         (Gabriele d'Annunzio)



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8kmNrYogE2yD8bPYRA1OkAKDG8mzbEWp3lWcCIk3Nd624KWd/JwCg0Mrn
uSBkeJ5sp1KzBylHmlGPyck=
=VBAO
-----END PGP SIGNATURE-----