Hi experts,
We found that zlib in opennurbs is with low version 1.2.3, do you have any plan to update it to 1.2.13 to fix a security issue (CVE-2022-37434)?
Although this issue was found in 1.2.12 (not in 1.2.3), but updating zlib seems also necessary for the future maintenance.
Thank you!
Robin
I asked about this four years ago and was told, “We have no plans to change the version of zlib openNURBS uses”:
Though it looks like an issue for upgrading ZLIB was created two years ago so maybe there is some progress:
https://mcneel.myjetbrains.com/youtrack/issue/RH-63503
Hi @darbyjohnston,
No work has been done on this - the issue is still slated for “future”.
– Dale
Thank you for your information!