zlib: Multiple vulnerabilities A buffer overflow in zlib might allow an attacker to cause remote code execution. zlib 2022-10-31 2022-10-31 863851 835958 remote 1.2.12-r3 1.2.12-r3

zlib is a widely used free and patent unencumbered data compression library.

Multiple vulnerabilities have been discovered in zlib. Please review the CVE identifiers referenced below for details.

Maliciously crafted input handled by zlib may result in remote code execution.

There is no known workaround at this time.

All zlib users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=sys-libs/zlib-1.2.12-r3" CVE-2018-25032 CVE-2022-37434 sam ajak