Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix broken zlib dependency, update it from 1.2.11 to 1.2.12 #9764

Closed
wants to merge 1 commit into from
Closed

Fix broken zlib dependency, update it from 1.2.11 to 1.2.12 #9764

wants to merge 1 commit into from

Conversation

jackrobison
Copy link
Contributor

Zlib (https://www.zlib.net/) has been updated to 1.2.12 due to CVE-2018-25032

The source .tar.gz is no longer available, and the Makefile for rocksdb now fails as a result. This PR updates the dependency to the newer (and available) version, 1.2.12

@adamretter
Copy link
Collaborator

@jackrobison Thanks LGTM.
@jay-zhuang Could you update the version of ZLib in your S3 bucket please and then re-trigger CI, so that we can check this passes.

@facebook-github-bot
Copy link
Contributor

@jay-zhuang has imported this pull request. If you are a Meta employee, you can view this diff on Phabricator.

jay-zhuang
jay-zhuang approved these changes Mar 29, 2022
View reviewed changes
Copy link
Contributor

@jay-zhuang jay-zhuang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@facebook-github-bot
Copy link
Contributor

@jackrobison has updated the pull request. You must reimport the pull request before landing.

@facebook-github-bot
Copy link
Contributor

@jay-zhuang has imported this pull request. If you are a Meta employee, you can view this diff on Phabricator.

@ajkr ajkr mentioned this pull request Apr 5, 2022
Merged
ajkr pushed a commit that referenced this pull request Apr 18, 2022
@jackrobison @ajkr
Fix broken zlib dependency, update it from 1.2.11 to 1.2.12 (#9764)
c815f31 
Summary:
Zlib (https://www.zlib.net/) has been updated to 1.2.12 due to CVE-2018-25032

- https://nvd.nist.gov/vuln/detail/CVE-2018-25032
- madler/zlib#605

The source .tar.gz is no longer available, and the Makefile for rocksdb now fails as a result. This PR updates the dependency to the newer (and available) version, 1.2.12

Pull Request resolved: #9764

Reviewed By: ajkr

Differential Revision: D35220367

Pulled By: jay-zhuang

fbshipit-source-id: 1f68ff8f048a6dba42077f048ac143468f0e2478
@luk-lo
Copy link

luk-lo commented May 13, 2022

Does this zlib issue have any impact on rocksdb versions before this change? I am wondering whether I need to upgrade from 6.x

@chetangudisagar chetangudisagar mentioned this pull request May 26, 2022
Merged
4 tasks
Myasuka pushed a commit to Myasuka/rocksdb that referenced this pull request Jul 18, 2022
@jackrobison
Fix broken zlib dependency, update it from 1.2.11 to 1.2.12 (facebook…
20c9da0 
…#9764)

Summary:
Zlib (https://www.zlib.net/) has been updated to 1.2.12 due to CVE-2018-25032

- https://nvd.nist.gov/vuln/detail/CVE-2018-25032
- madler/zlib#605

The source .tar.gz is no longer available, and the Makefile for rocksdb now fails as a result. This PR updates the dependency to the newer (and available) version, 1.2.12

Pull Request resolved: facebook#9764

Reviewed By: ajkr

Differential Revision: D35220367

Pulled By: jay-zhuang

fbshipit-source-id: 1f68ff8f048a6dba42077f048ac143468f0e2478
Myasuka pushed a commit to Myasuka/frocksdb that referenced this pull request Jul 18, 2022
@jackrobison
Fix broken zlib dependency, update it from 1.2.11 to 1.2.12 (#9764)
cb3dd13 
Summary:
Zlib (https://www.zlib.net/) has been updated to 1.2.12 due to CVE-2018-25032

- https://nvd.nist.gov/vuln/detail/CVE-2018-25032
- madler/zlib#605

The source .tar.gz is no longer available, and the Makefile for rocksdb now fails as a result. This PR updates the dependency to the newer (and available) version, 1.2.12

Pull Request resolved: facebook/rocksdb#9764

Reviewed By: ajkr

Differential Revision: D35220367

Pulled By: jay-zhuang

fbshipit-source-id: 1f68ff8f048a6dba42077f048ac143468f0e2478
Myasuka pushed a commit to Myasuka/frocksdb that referenced this pull request Jul 18, 2022
@jackrobison @Myasuka
Fix broken zlib dependency, update it from 1.2.11 to 1.2.12 (#9764)
2b2d30f 
Summary:
Zlib (https://www.zlib.net/) has been updated to 1.2.12 due to CVE-2018-25032

- https://nvd.nist.gov/vuln/detail/CVE-2018-25032
- madler/zlib#605

The source .tar.gz is no longer available, and the Makefile for rocksdb now fails as a result. This PR updates the dependency to the newer (and available) version, 1.2.12

Pull Request resolved: facebook/rocksdb#9764

Reviewed By: ajkr

Differential Revision: D35220367

Pulled By: jay-zhuang

fbshipit-source-id: 1f68ff8f048a6dba42077f048ac143468f0e2478
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jay-zhuang jay-zhuang jay-zhuang approved these changes

Assignees
No one assigned
Labels
CLA Signed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@jackrobison @adamretter @facebook-github-bot @luk-lo @jay-zhuang