STM32CubeL4 icon indicating copy to clipboard operation
STM32CubeL4 copied to clipboard
verified publisher icon STMicroelectronics

Potential Vulnerability in Cloned Code

Open ivanaclairineirsan opened this issue 4 weeks ago • 1 comments

This PR fixes a potential security vulnerability in file inffast.c that was cloned from https://github.com/madler/zlib but did not receive the security patch.

Details:

Affected File: Projects/32L4P5GDISCOVERY/Demonstrations/Watermark/lib/zlib-1.2.8/inffast.c

Original Fix: https://github.com/madler/zlib/commit/9aaec95e82117c1cb0f9624264c3618fc380cecb

What this PR does:

This PR applies the same security patch that was applied to the original repository to eliminate the potential vulnerability in the cloned code.

References:

  • https://www.cve.org/CVERecord?id=CVE-2016-9841
  • https://github.com/madler/zlib/commit/9aaec95e82117c1cb0f9624264c3618fc380cecb

Please review and merge this PR to ensure your repository is protected against this potential vulnerability.

ivanaclairineirsan avatar Dec 17 '25 16:12 ivanaclairineirsan

ST Internal Reference: 224292

KRASTM avatar Dec 23 '25 13:12 KRASTM