Upgrade zlib to 1.3.2, from 1.2.13

Changes in 1.3.2 (17 Feb 2026)

• Continued rewrite of CMake build [Vollstrecker]
• Various portability improvements
• Various github workflow additions and improvements
• Check for negative lengths in crc32_combine functions
• Copy only the initialized window contents in inflateCopy
• Prevent the use of insecure functions without an explicit request
• Add compressBound_z and deflateBound_z functions for large values
• Use atomics to build inflate fixed tables once
• Add definition of ZLIB_INSECURE to build tests with c89 and c94
• Add --undefined option to ./configure for UBSan checker
• Copy only the initialized deflate state in deflateCopy
• Zero inflate state on allocation
• Remove untgz from contrib
• Add _z versions of the compress and uncompress functions
• Vectorize the CRC-32 calculation on the s390x
• Set bit 11 of the zip header flags in minizip if UTF-8
• Update OS/400 support
• Add a test to configure to check for a working compiler
• Check for invalid NULL pointer inputs to zlib operations
• Add --mandir to ./configure to specify manual directory
• Add LICENSE.Info-Zip to contrib/minizip
• Remove vstudio projects in lieu of cmake-generated projects
• Replace strcpy() with memcpy() in contrib/minizip

Changes in 1.3.1.2 (8 Dec 2025)

• Improve portability to RISC OS
• Permit compiling contrib/minizip/unzip.c with decryption
• Enable build of shared library on AIX
• Make deflateBound() more conservative and handle Z_STREAM_END
• Add zipAlreadyThere() to minizip zip.c to help avoid duplicates
• Make z_off_t 64 bits by default
• Add deflateUsed() function to get the used bits in the last byte
• Avoid out-of-bounds pointer arithmetic in inflateCopy()
• Add Haiku to configure for proper LDSHARED settings
• Add Bazel targets
• Complete rewrite of CMake build [Vollstrecker]
• Clarify the use of errnum in gzerror()
• Note that gzseek() requests are deferred until the next operation
• Note the use of gzungetc() to run a deferred seek while reading
• Fix bug in inflatePrime() for 16-bit ints
• Add a "G" option to force gzip, disabling transparency in gzread()
• Improve the discrimination between trailing garbage and bad gzip
• Allow gzflush() to write empty gzip members
• Remove redundant frees of point list on error in examples/zran.c
• Clarify the use of inflateGetHeader()
• Update links to the RFCs
• Return all available uncompressed data on error in gzread.c
• Support non-blocking devices in the gz* routines
• Various other small improvements

Changes in 1.3.1 (22 Jan 2024)

• Reject overflows of zip header fields in minizip
• Fix bug in inflateSync() for data held in bit buffer
• Add LIT_MEM define to use more memory for a small deflate speedup
• Fix decision on the emission of Zip64 end records in minizip
• Add bounds checking to ERR_MSG() macro, used by zError()
• Neutralize zip file traversal attacks in miniunz
• Fix a bug in ZLIB_DEBUG compiles in check_match()
• Various portability and appearance improvements

Changes in 1.3 (18 Aug 2023)

• Remove K&R function definitions and zlib2ansi
• Fix bug in deflateBound() for level 0 and memLevel 9
• Fix bug when gzungetc() is used immediately after gzopen()
• Fix bug when using gzflush() with a very small buffer
• Fix crash when gzsetparams() attempted for transparent write
• Fix test/example.c to work with FORCE_STORED
• Rewrite of zran in examples (see zran.c version history)
• Fix minizip to allow it to open an empty zip file
• Fix reading disk number start on zip64 files in minizip
• Fix logic error in minizip argument processing
• Add minizip testing to Makefile
• Read multiple bytes instead of byte-by-byte in minizip unzip.c
• Add memory sanitizer to configure (--memory)
• Various portability improvements
• Various documentation improvements
• Various spelling and typo corrections