* Moritz Muehlenhoff: > MySQL bundles a copy of zlib, which is vulnerable to DoS and potential > arbitrary code execution due to a buffer overflow in the inflate function.
It doesn't seem to be compiled into the executables, though. Could you provide some evidence that static linking is indeed taking place (e.g. output from "strings -a")? > This is fixed in latest 4.1.13 upstream or in the Bitkeeper patch > I've attached. Please refer to CAN-2005-2096 is the changelog when > fixing this. The patch is incomplete because it does not address the CAN-2005-1849 issue. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
