News about zlib-1.1.4.

author: Tim Peters <tim.peters@gmail.com> 2002-03-14 19:06:01 (GMT)
committer: Tim Peters <tim.peters@gmail.com> 2002-03-14 19:06:01 (GMT)
commit: fbf74f2acc9c3bbd8f77cb0fc3672e83b11881a4 (patch)
tree: 25233202ead45fc8484d2c92f83527cd8d86e82f
parent: dc8d40717c4428baf3542fc1e593e05a7d2ae876 (diff)
download: cpython-fbf74f2acc9c3bbd8f77cb0fc3672e83b11881a4.zip
cpython-fbf74f2acc9c3bbd8f77cb0fc3672e83b11881a4.tar.gz
cpython-fbf74f2acc9c3bbd8f77cb0fc3672e83b11881a4.tar.bz2
1 files changed, 5 insertions, 0 deletions
diff --git a/Misc/NEWS b/Misc/NEWS
index 6611c5d..3f1abd8 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -20,6 +20,11 @@ Core and builtins
 
 Extension modules
 
+- A security hole ("double free") was found in zlib-1.1.3, a popular
+  third party compression library used by some Python modules.  The
+  hole was quickly plugged in zlib-1.1.4, and the Windows build of
+  Python now ships with zlib-1.1.4.
+
 - pwd and grp return enhanced tuples now, with symbolic field names.
 
 - array.array is now a type object. A new format character
author	Tim Peters <tim.peters@gmail.com>	2002-03-14 19:06:01 (GMT)
committer	Tim Peters <tim.peters@gmail.com>	2002-03-14 19:06:01 (GMT)
commit	fbf74f2acc9c3bbd8f77cb0fc3672e83b11881a4 (patch)
tree	25233202ead45fc8484d2c92f83527cd8d86e82f
parent	dc8d40717c4428baf3542fc1e593e05a7d2ae876 (diff)
download	cpython-fbf74f2acc9c3bbd8f77cb0fc3672e83b11881a4.zip cpython-fbf74f2acc9c3bbd8f77cb0fc3672e83b11881a4.tar.gz cpython-fbf74f2acc9c3bbd8f77cb0fc3672e83b11881a4.tar.bz2