Comment 0 for bug 1729414

The current package available to 14.04/trusty is 1:1.2.8.dfsg-1ubuntu1 which does not have the upstream fixes for the following CVEs:

* CVE-2016-9840 (high)
* CVE-2016-9841 (critical)
* CVE-2016-9842 (high)
* CVE-2016-9843 (critical

Being that they are being categorized as such by NIST, it would be very nice to get these fixes backported to Trusty or the most recent version of zlib made available to Trusty.

Thanks!