Received: from EUR04-VI1-obe.outbound.protection.outlook.com (mail-vi1eur04on2139.outbound.protection.outlook.com [40.107.8.139])
	by gbr-app-1.alpinelinux.org (Postfix) with ESMTPS id 23F5C225C92
	for <~alpine/users@lists.alpinelinux.org>; Fri, 20 Oct 2023 08:12:06 +0000 (UTC)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=WRLZth53gJ/KRQ+/1LJTJ9lnKmmlvgeLD0KkXA1Q8/+ZPzU+PbiSKxo6MeVCVN8F0yFikeD6j02wSOcrXNsQtCKnw3MlOICHvR6uATcj5D4S9Jf2UTPKYoPoSoXSqCX4ZZi9bhESCsU8ehZFIiKyZ5TCtIEmUM6eEJfBi9DzFiGGyvcmgXm/Vo49QYPvO0RUZjKIt6ipskYUAkLgXjUmfanT/S8gMeZaaWeEd8qN3469ddKnWniylE8QM74uIrd8Ru8tS+8dME4LKptxbt5BT2J5gbyg2gHuW7f9JCXeec98eBdYdS1Nx8QXWCv6b6SnmKAFQ9aGfPuQuqqrrHIY1w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=TxljZ1Ti0cLo6ZxftB7e/NQmpWhsn7i+KQf6/mdE5ts=;
 b=I3gNGwCfdAybm7J6TI2mTEzLtIJtGUfxbMF3pm82mKUWdU4+Km5Fm20UuOpk+GNZEbV9nxkKOaIZrQkoh+nlUP82NlVb0vxlXuDxUgaDmSQvKnzkKFXT2GBPLpG0H1jiFUcOe4zQjBZQmvFkwfjXOmcHSpC4dyNzvQrvjTQyN3red9V28Dnz7XawV5hbKD2b/U91SL3KQyXcV6U0o4KUjyPaeomNxViA/UmXQVX75PGCNmDVqy5v0wqJDEX1p8HWPfcgqYigI6laYuZbCER1LhN50iFA8eLJpeMHNaQlZxMlQMZBF9x0w+hrkN+wFGcyJTu7vXh6qkDqS/FdI/Lraw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=nokia.com; dmarc=pass action=none header.from=nokia.com;
 dkim=pass header.d=nokia.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.com;
 s=selector2;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=TxljZ1Ti0cLo6ZxftB7e/NQmpWhsn7i+KQf6/mdE5ts=;
 b=uxYNS6lzMd14LG9d86ryMiSdGn357mugIiyQS2fMOS6wtI/+p54dMxhjP16Dzs4+TZVh9b602uL9ljtE9mEo8O0K9ekui+Qd16KHJUth9IYRVlR12sD5sr/uLgFc+xmALOL3Z46aQ1/3Aipuvri1D+SA4wAba2kOjSpuv1+Og3qA4CkVm/GVeHq+9e0mYUdNvHzd4yCIN1YVlxOt8zLta6fubEEAq0buDaHDcpfM+ilhyhv5eXi5KNHCJB/eY0R6TIez7C5PtZb/MgNIbzoUe99FqTPSO7A3KtUjDB9ouzEm0BNYsjMZKt/SZd+pIUqTU1nGiHnNSaPm9jctsWrxlw==
Received: from DB9PR07MB7257.eurprd07.prod.outlook.com (2603:10a6:10:217::8)
 by PR3PR07MB6794.eurprd07.prod.outlook.com (2603:10a6:102:5d::7) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6907.23; Fri, 20 Oct
 2023 08:12:04 +0000
Received: from DB9PR07MB7257.eurprd07.prod.outlook.com
 ([fe80::8822:981a:a62d:da66]) by DB9PR07MB7257.eurprd07.prod.outlook.com
 ([fe80::8822:981a:a62d:da66%5]) with mapi id 15.20.6907.025; Fri, 20 Oct 2023
 08:12:04 +0000
From: "Alekh Kanubothula (Nokia)" <alekh.kanubothula@nokia.com>
To: "~alpine/users@lists.alpinelinux.org"
	<~alpine/users@lists.alpinelinux.org>
Subject: Zlib vulnerability CVE-2023-45853 in 3.18.3 and 3.18.4
Thread-Topic: Zlib vulnerability CVE-2023-45853 in 3.18.3 and 3.18.4
Thread-Index: AdoDLBPMDFWsP9PfQ8+epO4E6B08cg==
Date: Fri, 20 Oct 2023 08:12:04 +0000
Message-ID: 
 <DB9PR07MB725758A2D23F77F17C1D96B6EADBA@DB9PR07MB7257.eurprd07.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
authentication-results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=nokia.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: DB9PR07MB7257:EE_|PR3PR07MB6794:EE_
x-ms-office365-filtering-correlation-id: deab217b-986f-411f-7571-08dbd1443f04
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 
 X/kaPS97tltB1M8YnamELjrcm1Cih8CVOg3UEQE30YDT5clITQSjBBZW6GgoqOIzw0j2MYHuXJVogWwMvhjpIVEYo2lNmN8XmvvMXWe3jls1rub61nUV9nObwJYNVkPn5Os994f1V/5vd8Tx/QpdcZJbayZd4svl+LkwvOxAZXDDKIb/ZNdrOXQM6sWQxInZXy1k3OgHTJvZ4MaZmqwjV423N6SQI7lTWI0vDvKEQ/GyFoAwSV/Ga3w6oKPNs1FwtyFvJcWQtxtFMMxO6WNqtPjP+yOshdCIA9JroBaN/Mmpoli37Jm+qcK+qjTqivN8ll/jzZgADRg1DG2jLw94njrZ+ZmJS9hIIPcz4vIymQyn99JF9MVQSXRvQ9Q3yKaiAHUPmKzXd/7gamFP8Yd6EIe/DNiScGAEFXk9ADatjwhgRVFv/PFhxKXZL7JZrWSc4CINWG5G6mwZYP/4uSkLa+DwPdHgfowFQACvT6IiykuTHUxKLEHvEWuAlAaZPbUQ8ilVBJoziUZrJ/YcYtxBgaeZwnwtKDhoPj0O56yJNwRVQjnMPVCoalTVSafKHSYBQ7kZxtKAFi1enuLz+Xtwy7HPEulUiAmc1Ngg7GaPYGB+JZIgL+8uG105KW87iGX/soo7L4UuLM58hPvnHQNZkdsLOovMVh4vBlzQunnG/ZY=
x-forefront-antispam-report: 
 CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB9PR07MB7257.eurprd07.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230031)(376002)(346002)(396003)(366004)(136003)(39860400002)(230922051799003)(1800799009)(451199024)(186009)(64100799003)(38070700009)(86362001)(82960400001)(33656002)(558084003)(55016003)(41300700001)(9686003)(6506007)(38100700002)(66476007)(64756008)(5660300002)(66446008)(122000001)(7696005)(76116006)(8936002)(71200400001)(26005)(316002)(66556008)(66946007)(8676002)(83380400001)(2906002)(478600001)(52536014);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: 
 =?us-ascii?Q?Nvs6Km0tnECeiArb/aM6Jye4DV60Idtt6mzIhRS0Dx3uJv7Ypk83CL0aemMc?=
 =?us-ascii?Q?FejwTexuP54Vh06FMM3uy9jeKij2E99SCW3tEfGSxCcIrz/ZTQVaVkN+j87r?=
 =?us-ascii?Q?xv1PVy3bG0Zo+Tf9NLJtCDx6TFbDquZm5j9UumAVtIafVaj3nIQ6wVgvcMe5?=
 =?us-ascii?Q?lzAp3A/ZfcGnN9/aXRHFOH3Yzz1w2Fmi8IkI08D/ObVMzT9HO4TBq3Hw0v99?=
 =?us-ascii?Q?WXW5OBZNUHWtUg1VX7mJdEnywI1r2s2n+NiAM0p/9BXM1J9sQsFC72U3tLJE?=
 =?us-ascii?Q?ehOox3AZCIeNKQUuRB8L6AU1xcSN+QFKNT9bF7Yt1J+x2JgWQS2y8DMMMILN?=
 =?us-ascii?Q?fsx0rmwi1ZCj52MxgAgg5jpYscEaI/xrJCVLR06MdKAByr4SZsqnxXcmW6Mh?=
 =?us-ascii?Q?S7bGvlXtsnkmsLvFzovbItec3CUFnObA8J1Oxhi8c4le7RD7eZxYZ2FLlJkH?=
 =?us-ascii?Q?faCRyQkQQwDJzASyZGEFCcr2e0LngFe9ThoSUNNMMd4NTLBjQTNUCIIxkNNl?=
 =?us-ascii?Q?I4H2wEiII/THB2kyvWwif4I3RDKIvPpE4+PkcCo77fnx6pYw8bsHfhcImuVE?=
 =?us-ascii?Q?1u5m1kLoDSnHRZfyxSfLhG3dxLalvIVDuzOvKRwok+F5FoGAZ3Et+jlvUrMr?=
 =?us-ascii?Q?jqHkyZtfonO6I8eRVZ+LbSInTJ3ry/5jmYRTlzu9yBjYX1MCMB0KeE979v9A?=
 =?us-ascii?Q?hTU7/DO/xQtDJNrXs/2EZjU75iRCbgh7DOokaUO3F665o2h7mkFaaYeDhqOH?=
 =?us-ascii?Q?nhP3PHMKRJw8ewd5PzVWDog1E9jF0VSEqM8YYIpEd7Rr2NC245v33dFOxy/e?=
 =?us-ascii?Q?ADjrh0qL3WkaRY6U/w9HFVLHL5rV83F0ADZpzZ4LQse9Z9dICJoRc3s4HzYg?=
 =?us-ascii?Q?l44paJrAvGBNPqokuvya6m6Kqr3AX2jqn3+vDbL9G7pxIr1DIhQ6zEfZ84IV?=
 =?us-ascii?Q?3GTGxR6Q/4HCB9Jja0bPmnE6fQ4qBpzhWT6HDJ9SeVGijbHxTKcvVi01XIcY?=
 =?us-ascii?Q?UXla9jyNbDnv/zybXVh1jKVflnxoVLk7FWYRXYVzp+/H16efkrbR4NyaxUeJ?=
 =?us-ascii?Q?FbuOgIB0knS6/nfGmjbzIATFixOIKvHxdgaG5DrBbRrHOGHAPwiPiClGz7Rt?=
 =?us-ascii?Q?P89bk5WH3mfd7Brs8ECeUu2beiFC2XSUJahOuA1e/x0cL6EMtKQbkVNpp8Jb?=
 =?us-ascii?Q?lUb81jbZmnWfYZFV8x5/nJ7YjXU5N3dwmJciMN9sUid62IZP3m6bQxMXoerB?=
 =?us-ascii?Q?VoKpi6bnsgY6b+1v0Jb1qzG4f0ogY3h4A7Sm/HhXTMcB0Edvyse+zCb/NXbV?=
 =?us-ascii?Q?UbznbbeWnIwpX4FrZyi3APYr3KnI0yR9c/6gqqGm5eHYTXJGkeOkNMVdMWK+?=
 =?us-ascii?Q?yfMzwdfGB9h72eO5TXpgNEQILxO+Gu5JEmdBwkoaimncq98N00ABMRAQk6Pv?=
 =?us-ascii?Q?4xtnc4nW3VaU6i3ERgPQxawSsRSPXYCdGDyX95wH9pvvhrwin6cDO1lt2J+z?=
 =?us-ascii?Q?SnYwoEUANT/OmwIk7RsHD575btHqXXaYu47+dX5ktU9vxQ4VY30M4yDGdJqo?=
 =?us-ascii?Q?E0vriAihwvMyL+IU0ukncSPy/93ysrnLsMj0o8XuX9QlimYq4cnoCdggAGoA?=
 =?us-ascii?Q?uw=3D=3D?=
Content-Type: multipart/alternative;
	boundary="_000_DB9PR07MB725758A2D23F77F17C1D96B6EADBADB9PR07MB7257eurp_"
MIME-Version: 1.0
X-OriginatorOrg: nokia.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: DB9PR07MB7257.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: deab217b-986f-411f-7571-08dbd1443f04
X-MS-Exchange-CrossTenant-originalarrivaltime: 20 Oct 2023 08:12:04.8248
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: KWohaUeS5aAF+9NuWjFYUNJMElRMlxe5E0ScZ91Zk62J7CQv4BPEBC9nJSb/BSwpNmfwJi5ymZYgiTHAmAda6kXp/dK3YHLwH1X8tyNGdF0=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PR3PR07MB6794

--_000_DB9PR07MB725758A2D23F77F17C1D96B6EADBADB9PR07MB7257eurp_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi ,

Recently we found vulnerability related to zlib in 3.18.3 and 3.18.4. These=
 two versions are almost latest versions. Could you please let us know by w=
hen a new version will get released with the zlib patch ?

Thanks,
Alekh

--_000_DB9PR07MB725758A2D23F77F17C1D96B6EADBADB9PR07MB7257eurp_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:=
//www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
<meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0cm;
	font-size:11.0pt;
	font-family:"Calibri",sans-serif;
	mso-ligatures:standardcontextual;
	mso-fareast-language:EN-US;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri",sans-serif;
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri",sans-serif;
	mso-fareast-language:EN-US;}
@page WordSection1
	{size:612.0pt 792.0pt;
	margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3D"EN-IN" link=3D"#0563C1" vlink=3D"#954F72" style=3D"word-wrap:=
break-word">
<div class=3D"WordSection1">
<p class=3D"MsoNormal"><span lang=3D"EN-US">Hi ,<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><o:p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US">Recently we found vulnerability=
 related to zlib in 3.18.3 and 3.18.4. These two versions are almost latest=
 versions. Could you please let us know by when a new version will get rele=
ased with the zlib patch ?<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US"><o:p>&nbsp;</o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US">Thanks,<o:p></o:p></span></p>
<p class=3D"MsoNormal"><span lang=3D"EN-US">Alekh <o:p></o:p></span></p>
</div>
</body>
</html>

--_000_DB9PR07MB725758A2D23F77F17C1D96B6EADBADB9PR07MB7257eurp_--