-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Is dart affected by Zlib Vulnerability - CVE-2018-25032? #48725
Comments
https://dart-review.googlesource.com/c/sdk/+/239820 rolls dart vm's zlib to 1.2.12 |
Addresses #48725 TEST=ci Change-Id: I34a8c974c88e6047de01d431f687e187b6d294a3 Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/239820 Reviewed-by: Siva Annamalai <asiva@google.com> Commit-Queue: Alexander Aprelev <aam@google.com>
Looking into the commit 29f9b20, I see you bumped the hash to |
https://github.com/dart-lang/sdk/blob/main/DEPS#L260 is where the dependency is defined for dart sdk. Was that what you were asking? |
Addresses #48725 TEST=ci Change-Id: I34a8c974c88e6047de01d431f687e187b6d294a3 Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/239820 Reviewed-by: Siva Annamalai <asiva@google.com> Commit-Queue: Alexander Aprelev <aam@google.com>
How we need to update Zlib in flutter app because it is showing vulnerability in security check |
@ramkgunturu12 wrote
Fixed version of zlib was rolled into dart starting from 2.17.0-266.5.beta, flutter starting from 2.13. So as long as you run on recent versions of dart/flutter, you should be fine. |
Is dart, and thus flutter, affeted by the Zlib Vulnerability - CVE-2018-25032?
The text was updated successfully, but these errors were encountered: