Dear Drone team,
I have an automated CD process to upgrade the Drone server itself on every version change.
One of the steps is to scan the Drone server image for vulnerabilities, and I am getting a vulnerability:
+---------+------------------+----------+-------------------+---------------+---------------------------------------+
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |
+---------+------------------+----------+-------------------+---------------+---------------------------------------+
| zlib | CVE-2022-37434 | CRITICAL | 1.2.11-r3 | 1.2.11-r4 | zlib: heap-based buffer |
| | | | | | over-read and overflow in |
| | | | | | inflate() in inflate.c via a... |
| | | | | | -->avd.aquasec.com/nvd/cve-2022-37434 |
+---------+------------------+----------+-------------------+---------------+---------------------------------------+
Could you take a look and upgrade the zlib library version to the newer one that fixes the issue?
Cheers,
Miguel