bpo-47194: Update zlib to v1.2.12 on Windows to resolve CVE-2018-25032 (GH-32241)

(cherry picked from commit 6066739ff7) Co-authored-by: Zachary Ware <zach@python.org>
2025-07-24 03:35:53 +00:00 · 2022-04-02 06:39:03 -07:00 · 2022-04-02 06:39:03 -07:00 · 16a809ffb7
commit 16a809ffb7
parent 1069d52959
3 changed files with 3 additions and 2 deletions
--- a/Misc/NEWS.d/next/Windows/2022-04-01-14-57-40.bpo-47194.IB0XL4.rst
+++ b/Misc/NEWS.d/next/Windows/2022-04-01-14-57-40.bpo-47194.IB0XL4.rst
@ -0,0 +1 @@
+Update ``zlib`` to v1.2.12 to resolve CVE-2018-25032.
--- a/PCbuild/get_externals.bat
+++ b/PCbuild/get_externals.bat
@ -59,7 +59,7 @@ if NOT "%IncludeTkinterSrc%"=="false" set libraries=%libraries% tcl-core-8.6.12.
 if NOT "%IncludeTkinterSrc%"=="false" set libraries=%libraries% tk-8.6.12.0
 if NOT "%IncludeTkinterSrc%"=="false" set libraries=%libraries% tix-8.4.3.6
 set libraries=%libraries%                                       xz-5.2.2
-set libraries=%libraries%                                       zlib-1.2.11
+set libraries=%libraries%                                       zlib-1.2.12

 for %%e in (%libraries%) do (
    if exist "%EXTERNALS_DIR%\%%e" (
--- a/PCbuild/python.props
+++ b/PCbuild/python.props
@ -67,7 +67,7 @@
    <opensslOutDir>$(ExternalsDir)openssl-bin-1.1.1n\$(ArchName)\</opensslOutDir>
    <opensslIncludeDir>$(opensslOutDir)include</opensslIncludeDir>
    <nasmDir>$(ExternalsDir)\nasm-2.11.06\</nasmDir>
-    <zlibDir>$(ExternalsDir)\zlib-1.2.11\</zlibDir>
+    <zlibDir>$(ExternalsDir)\zlib-1.2.12\</zlibDir>
    
    <!-- Suffix for all binaries when building for debug -->
    <PyDebugExt Condition="'$(PyDebugExt)' == '' and $(Configuration) == 'Debug'">_d</PyDebugExt>
				`@ -0,0 +1 @@`
				Update ``zlib`` to v1.2.12 to resolve CVE-2018-25032.