From 387f93c156288c170ff0016a75af06e109d48ee1 Mon Sep 17 00:00:00 2001
From: "Miss Islington (bot)"
 <31488909+miss-islington@users.noreply.github.com>
Date: Sun, 3 Apr 2022 20:27:22 -0700
Subject: [PATCH] bpo-47194: Update zlib to v1.2.12 on Windows to resolve
 CVE-2018-25032 (GH-32241) (GH-32251)

(cherry picked from commit 6066739ff7794e54c98c08b953a699cbc961cd28)

Co-authored-by: Zachary Ware <zach@python.org>
---
 .../next/Windows/2022-04-01-14-57-40.bpo-47194.IB0XL4.rst       | 1 +
 PCbuild/get_externals.bat                                       | 2 +-
 PCbuild/python.props                                            | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)
 create mode 100644 Misc/NEWS.d/next/Windows/2022-04-01-14-57-40.bpo-47194.IB0XL4.rst

diff --git a/Misc/NEWS.d/next/Windows/2022-04-01-14-57-40.bpo-47194.IB0XL4.rst b/Misc/NEWS.d/next/Windows/2022-04-01-14-57-40.bpo-47194.IB0XL4.rst
new file mode 100644
index 00000000000..7e76add45fa
--- /dev/null
+++ b/Misc/NEWS.d/next/Windows/2022-04-01-14-57-40.bpo-47194.IB0XL4.rst
@@ -0,0 +1 @@
+Update ``zlib`` to v1.2.12 to resolve CVE-2018-25032.
diff --git a/PCbuild/get_externals.bat b/PCbuild/get_externals.bat
index 677a6a41ab6..57628396ed0 100644
--- a/PCbuild/get_externals.bat
+++ b/PCbuild/get_externals.bat
@@ -55,7 +55,7 @@ if NOT "%IncludeTkinterSrc%"=="false" set libraries=%libraries% tcl-core-8.6.9.0
 if NOT "%IncludeTkinterSrc%"=="false" set libraries=%libraries% tk-8.6.9.0
 if NOT "%IncludeTkinterSrc%"=="false" set libraries=%libraries% tix-8.4.3.6
 set libraries=%libraries%                                       xz-5.2.2
-set libraries=%libraries%                                       zlib-1.2.11
+set libraries=%libraries%                                       zlib-1.2.12
 
 for %%e in (%libraries%) do (
     if exist "%EXTERNALS_DIR%\%%e" (
diff --git a/PCbuild/python.props b/PCbuild/python.props
index 296bfd637bf..1226d623831 100644
--- a/PCbuild/python.props
+++ b/PCbuild/python.props
@@ -53,7 +53,7 @@
     <opensslOutDir>$(ExternalsDir)openssl-bin-1.1.1n\$(ArchName)\</opensslOutDir>
     <opensslIncludeDir>$(opensslOutDir)include</opensslIncludeDir>
     <nasmDir>$(ExternalsDir)\nasm-2.11.06\</nasmDir>
-    <zlibDir>$(ExternalsDir)\zlib-1.2.11\</zlibDir>
+    <zlibDir>$(ExternalsDir)\zlib-1.2.12\</zlibDir>
     
     <!-- Suffix for all binaries when building for debug -->
     <PyDebugExt Condition="'$(PyDebugExt)' == '' and $(Configuration) == 'Debug'">_d</PyDebugExt>
-- 
GitLab