Revert "Merge patch series "zlib: Address CVE-2016-9841""
This series brings our zlib code more up to date. However, it drops an
important performance improvement that is required on some of our
supported platforms in order to boot Linux before the watchdog resets
the system. Furthermore, the "post increment" version of this
performance loop was not tested, so while we can fix it, it would then
require re-testing all platforms. At this point in time, we will revert
updating zlib (which has had a potential security issue since 2016) and
fix this in the v2024.10 release.
This reverts commit 4914263c9a14315390d3ccc4816cf3a94cfd156d, reversing
changes made to ef8ef5f77c9a998f76a48277a883af1645b54117.
Reported-by: Christophe Leroy <christophe.leroy@csgroup.eu>
Signed-off-by: Tom Rini <trini@konsulko.com>
diff --git a/lib/gzip.c b/lib/gzip.c
index a9a3df5..5d9c195 100644
--- a/lib/gzip.c
+++ b/lib/gzip.c
@@ -67,7 +67,7 @@
r = deflateInit2_(&s, Z_BEST_SPEED, Z_DEFLATED, window,
DEF_MEM_LEVEL, Z_DEFAULT_STRATEGY,
- sizeof(z_stream));
+ ZLIB_VERSION, sizeof(z_stream));
if (r != Z_OK) {
printf ("Error: deflateInit2_() returned %d\n", r);
return -1;