Diffstat (limited to 'pkgs/development/libraries/zlib/CVE-2018-25032-2.patch')
-rw-r--r--pkgs/development/libraries/zlib/CVE-2018-25032-2.patch27
1 files changed, 27 insertions, 0 deletions
diff --git a/pkgs/development/libraries/zlib/CVE-2018-25032-2.patch b/pkgs/development/libraries/zlib/CVE-2018-25032-2.patch
new file mode 100644
index 0000000000000..dadc904a07fbb
--- /dev/null
+++ b/pkgs/development/libraries/zlib/CVE-2018-25032-2.patch
@@ -0,0 +1,27 @@
+From 4346a16853e19b45787ce933666026903fb8f3f8 Mon Sep 17 00:00:00 2001
+From: Mark Adler <madler@alumni.caltech.edu>
+Date: Tue, 17 Apr 2018 22:44:41 -0700
+Subject: [PATCH 2/2] Assure that the number of bits for deflatePrime() is
+ valid.
+
+---
+ deflate.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/deflate.c b/deflate.c
+index 19cba87..23aef18 100644
+--- a/deflate.c
++++ b/deflate.c
+@@ -589,7 +589,8 @@ int ZEXPORT deflatePrime (strm, bits, value)
+ 
+     if (deflateStateCheck(strm)) return Z_STREAM_ERROR;
+     s = strm->state;
+-    if (s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3))
++    if (bits < 0 || bits > 16 ||
++        s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3))
+         return Z_BUF_ERROR;
+     do {
+         put = Buf_size - s->bi_valid;
+-- 
+2.33.1
+
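Review bot: The new range test in deflatePrime() rejects an out-of-range `bits` with `Z_BUF_ERROR`, the same code returned when the pending buffer has no room, so a caller cannot tell a bad argument from a full buffer. As this is an upstream fix the code is best left matching upstream, but a short comment above the condition would record the contract, for example `/* bits outside 0..16 are refused with Z_BUF_ERROR, like a full pending buffer */`. The context lines already use `s->sym_buf` and the subject says `[PATCH 2/2]`, so this file presumably applies only on top of the first patch of the series. The package expression should list both in that order. The body of deflatePrime starts before and continues after the hunk, so the loop that consumes `bits` is not visible here.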