CVE-2022-37434 zlib patching

alpinelinux / docker-alpine

Official Alpine Linux Docker image. Win at minimalism!

MIT License

1.08k stars 262 forks source link

CVE-2022-37434 zlib patching #290

Open huornlmj opened 1 year ago

huornlmj commented 1 year ago

According to https://security.alpinelinux.org/vuln/CVE-2022-37434 version 1.2.12-r3 of zlib has been fixed but the version remains the same. Does this mean it was patched and the version was not bumped?

jaolanlo commented 1 year ago

It would be nice if you can respond or provide further details, we are having issues with our security scans due to this topic.

chendinghuo commented 1 year ago

The same. I installed version 1.2.12-r3 of zlib-static on ALPINE_LINUX_3_12 Image operating system. But the scan tool says the version is still 1.2.12-r1.X86_64.