Re: Inquiry Regarding Security Status and CVE-2022-37434 for zlib in Alpine Linux 3.8

Dor Hayun <dor.hayun@whitesourcesoftware.com>

Details

Message ID: <53B55CAB-D9A4-4ADA-A2B2-A47DB0649649@whitesourcesoftware.com>
DKIM signature: missing

Hi,

You are correct, but we simply need to understand whether it is vulnerable or not. Why does it only appear for these branches and not below?

https://security.alpinelinux.org/vuln/CVE-2022-37434

Re: Inquiry Regarding Security Status and CVE-2022-37434 for zlib in Alpine Linux 3.8

Jan Kohnert <nospam001-lists@jan-kohnert.de>

Details

Message ID: <5718831.DvuYhMxLoT@kohni-mobil>
In-Reply-To: <53B55CAB-D9A4-4ADA-A2B2-A47DB0649649@whitesourcesoftware.com> (view parent)
DKIM signature: missing

Download raw message

6 months ago

Hi,

Am Dienstag, 17. Oktober 2023, 10:03:02 CEST schrieb Dor Hayun:
> You are correct, but we simply need to understand whether it is vulnerable
> or not. Why does it only appear for these branches and not below?

as stated, Alpine 3.8 has had end-of-life on May 1st, *2020* [1], the CVE is 
from *2022*

If you're really interested whether the CVE applies for a version having end-
of-any-support *two years before the bug was even discovered*, I'm afraid 
you're on your own or need to pay someone to do the research.

[1] https://endoflife.date/alpine

-- 
MfG Jan

~alpine/users

Re: Inquiry Regarding Security Status and CVE-2022-37434 for zlib in Alpine Linux 3.8

Re: Inquiry Regarding Security Status and CVE-2022-37434 for zlib in Alpine Linux 3.8