« Industrial Estates in India Make Programmers Think Twice About Coming to the USA | Main | Microcontent Publishes Interview with Authors of "Running Weblogs with Slash" »

What is the Zlib Double-Free Vulnerability and Why Should I Care?

Dave Aiello wrote, "Last week, a story made the rounds of a bug in a component of Linux called Zlib. This is a library upon which gzip (GNU zip), a compression utility, is based. Gzip turned out to be much more widely implemented than originally thought, in part because it is implemented without use of any patented compression algorithms."

"It turns out that a number of widely-used Perl modules also use the zlib library. I had no idea what the scope of the effort involved in patching the affected Perl modules would be. So, I posted a question about it on PerlMonks and got some interesting responses. I recommend that developers with Perl code in production read this PerlMonks thread and consider the implications."

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)


CTDATA Venutures (CTDATA) develops Internet and Intranet applications for corporations and non profit organizations. Our services include:

  • Consulting services for Movable Type and TypePad-based publishing systems (visit our Weblog Improvement website for more information),
  • Financial services business process consulting,
  • Content management system and knowledge management system consulting,
  • Apache web server engineering and hosting,
  • MySQL, Sybase, and Microsoft SQL Server architecture and development,
  • SOAP, REST, and XML-RPC system architecture and programming, including Amazon Web Services and
  • Weblog publishing.
For more information, contact Dave Aiello by email at dave [at] daveaiello.com or call him at +1-267-352-4420.
Copyright © 1995-2010, CTDATA Ventures. All Rights Reserved.
Powered by
Movable Type 4.25