News about zlib-1.1.4.

commit: fbf74f2acc9c3bbd8f77cb0fc3672e83b11881a4 [log] [tgz]
author: Tim Peters <tim.peters@gmail.com> Thu Mar 14 19:06:01 2002 +0000
committer: Tim Peters <tim.peters@gmail.com> Thu Mar 14 19:06:01 2002 +0000
tree: 25233202ead45fc8484d2c92f83527cd8d86e82f
parent: dc8d40717c4428baf3542fc1e593e05a7d2ae876 [diff] [blame]
diff --git a/Misc/NEWS b/Misc/NEWS
index 6611c5d..3f1abd8 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS

@@ -20,6 +20,11 @@
 
 Extension modules
 
+- A security hole ("double free") was found in zlib-1.1.3, a popular
+  third party compression library used by some Python modules.  The
+  hole was quickly plugged in zlib-1.1.4, and the Windows build of
+  Python now ships with zlib-1.1.4.
+
 - pwd and grp return enhanced tuples now, with symbolic field names.
 
 - array.array is now a type object. A new format character
commit	fbf74f2acc9c3bbd8f77cb0fc3672e83b11881a4	[log] [tgz]
author	Tim Peters <tim.peters@gmail.com>	Thu Mar 14 19:06:01 2002 +0000
committer	Tim Peters <tim.peters@gmail.com>	Thu Mar 14 19:06:01 2002 +0000
tree	25233202ead45fc8484d2c92f83527cd8d86e82f
parent	dc8d40717c4428baf3542fc1e593e05a7d2ae876 [diff] [blame]