Hi Luis,
There is a CVE [1] for zlib < 1.2.12 (released march 27th).
GCC currently uses zlib 1.2.11, and binutils-gdb imports the zlib directory
from GCC. The recommendation is to get it updated to 1.2.12, which contains the
proper fix [2].
Right - I have now updated the binutils-gdb mainline sources with this release.
Whilst it is true that the gcc version of zlib sources had diverged slightly
from
the 1.2.11 release sources, I think that it was just some changes cherry picked
from the developments that went in to 1.2.12. So a simple rebase should be
safe.
Cheers
Nick
