From: Tim Peters <tim.peters@gmail.com>
Date: Thu, 14 Mar 2002 19:06:01 +0000 (+0000)
Subject: News about zlib-1.1.4.
X-Git-Tag: v2.3c1~6501
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=fbf74f2acc9c3bbd8f77cb0fc3672e83b11881a4;p=python

News about zlib-1.1.4.
---

diff --git a/Misc/NEWS b/Misc/NEWS
index 6611c5dcd0..3f1abd89c8 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -20,6 +20,11 @@ Core and builtins
 
 Extension modules
 
+- A security hole ("double free") was found in zlib-1.1.3, a popular
+  third party compression library used by some Python modules.  The
+  hole was quickly plugged in zlib-1.1.4, and the Windows build of
+  Python now ships with zlib-1.1.4.
+
 - pwd and grp return enhanced tuples now, with symbolic field names.
 
 - array.array is now a type object. A new format character