On 12.01.2017 22:39, Jeff Law wrote: > On 01/12/2017 02:26 PM, Matthias Klose wrote: >> On 12.01.2017 22:17, Jeff Law wrote: >>> On 01/05/2017 07:45 AM, Matthias Klose wrote: >>>> These are the changes updating zlib from 1.2.8 to 1.2.10. It is only used >>>> when >>>> building without a system zlib. The new release includes fixes for >>>> security >>>> issues CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843. >>>> >>>> Checked with a build with disabled system-zlib. Ok for the trunk? >>> Were there any changes that we needed to carry forward or any changes you >>> needed >>> to make to the upstream sources? >> >> I backed out the changes to the configure* and Makefile* changes (and only >> these), which are completely different to zlib upstream. There are no >> additions/deletions to zlib source files, so these build changes still work >> with >> the updated zlib. > One more note. I think that, in general, backing out local changes which > don't > have a strong need to be carried forward is absolutely the right thing to do. > The less hacking we do on these libraries we pull from other sources, the > better, IMHO.
agreed, except for the build system (and a locally fixed typo in zlib's ChangeLog), everything applied cleanly. Please import it into the binutils-gdb repository. Matthias
