lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 29 Oct 2007 22:04:53 +0100 From: "Stefan Kanthak" <stefan.kanthak@...go.de> To: <bugtraq@...urityfocus.com> Subject: Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) I wrote Sunday, October 21, 2007 2:18 PM: > Anonymous <farion42@...oo.de> wrote Saturday, October 20, 2007 11:55 AM: > >> As a workaround, one could try to manually replace zlib32.dll in a Windows >> GSView 4.8 installation with the current zlib1.dll version 1.2.3. [...] > Unfortunately the maintainer of GSview choose not to reply to my bug > report which included a question about the source of the ZLIB32.DLL. The maintainer finally replied to the last of my three attempts to contact him (very timely, regarding the different timezones we are in): | I can't do much about it just at the moment. I've had a computer | motherboard failure and while I've now got a new computer, I haven't | got all my development tools running yet. | | I will update the DLL in the next release. Yes, I compiled the DLL | myself. There wasn't a precompiled version at the time I started using | it. > As long as I cant be sure that the replacement zlib1.dll from zlib.net > is fully compatible to the ZLIB32.DLL distributed with GSview 4.8 I wont > give any advice to exchange it. q.e.d. Stefan
Powered by blists - more mailing lists