- Revenera Community
- :
- InstallShield
- :
- InstallShield Forum
- :
- Zlib < v1.2.11 vulnerability
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Hi Everyone,
We received a CVSS 7.5 rated finding in our open source scans, which is related to zlib. https://nvd.nist.gov/vuln/detail/CVE-2018-25032
As far as I know InstallShield uses zlib as an oss component. Is there a hotfix in plan already? The fix came out recently by zlib.(zlib 1.2.12 - March 27, 2022)
Best regards,
Daniel
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Hello @danielkfl , @svengalamr
Hotfix for InstallShield 2021 is released. For details and download links, please refer to this article HOTFIX: Fix for vulnerability in zlib - CVE-2018-25032 - Community (flexera.com)
@kingraj Hotfix for InstallShield 2020 and 2019 is in the works and will be available in the same post as above. For versions below 2019, there are no plans to issue a hotfix and we strongly recommend to upgrade to a newer version.
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Hello Daniel,
Thanks for highlighting this. Our engineering team is working on a resolution for this issue for InstallShield 2021 and hopeful to issue a hotfix on or before 22-Apr-2022.
Please reach out to our support team, in case you have any further questions.
Thank you !
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Hi,
When can we expect hotfix for InstallShield 2018 or 2019 version.
Thanks,
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Hi @vdonga .
Good day..
Can you please let us know when can we expect the patch/SP for Installshield 2020
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Hello @danielkfl , @svengalamr
Hotfix for InstallShield 2021 is released. For details and download links, please refer to this article HOTFIX: Fix for vulnerability in zlib - CVE-2018-25032 - Community (flexera.com)
@kingraj Hotfix for InstallShield 2020 and 2019 is in the works and will be available in the same post as above. For versions below 2019, there are no plans to issue a hotfix and we strongly recommend to upgrade to a newer version.
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Where about InstallAnywhere?
- Tags:
- installanywhere
- Mark as New
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
InstallAnywhere 2022 R2 released in Dec '22 has been upgraded to use the latest zlib library