- Revenera Community
- :
- InstallShield
- :
- InstallShield Knowledge Base
- :
- HOTFIX: Fix for vulnerability in zlib - CVE-2018-25032
- Mark as New
- Mark as Read
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
HOTFIX: Fix for vulnerability in zlib - CVE-2018-25032
HOTFIX: Fix for vulnerability in zlib - CVE-2018-25032
Summary
Setups built out of InstallShield use zlib version 1.2.11 which has a known vulnerability CVE-2018-25032 which is resolved in zlib version 1.2.12. Please note that the vulnerability can't be exploited when using installers built of InstallShield. The library can be exploited only during 'deflating' (compressing) process. zlib is not used for compressing when installers are run. However, we are providing a hotfix as a pre-emptive measure to ensure that installers pass through security scans without any issues
Affected InstallShield Versions
This vulnerability affects InstallShield 2021 and below
Resolution
Engineering has released a hotfix that resolves this issue by updating the old Zlib version 1.2.11 to 1.2.12
Hotfix Links
InstallShield 2021 R2: Download Hotfix
InstallShield 2020 R3 SP1: Download Hotfix
InstallShield 2019 R3: Download Hotfix
InstallShield 2018 and below: Customers are encouraged to upgrade to InstallShield 2019 or above