[gdal-dev] zlib vulnerability CVE-2018-25032 affecting GAL

[Mateusz Loskot]

On Thu, 7 Apr 2022 at 15:08, Greg Troxel <gdt at lexort.com> wrote:
> Even Rouault <even.rouault at spatialys.com> writes:
> I therefore think it would be good to consider removing the vendored
> copies, or at least requiring explicit config to turn them on.

+1

> I wonder if it's still really necessary/helpful to have included libs
> like zlib.

Good question that I have wondered myself about.

Best regards,
-- 
Mateusz Loskot, http://mateusz.loskot.net