The widely used Zlib data-compression library finally has a patch to close a vulnerability that could be exploited to crash applications and services — four years after the vulnerability was first discovered but effectively left unfixed. Google Project Zero bug hunter Tavis Ormandy alerted the Open-Source-Software-Security mailing list about the programming blunder, CVE-2018-25032, which he found