Update zlib to version 1.2.13 #22764

@fijoy

Description

System Information

OpenCV version: all versions
Operating System: NA
Compiler & compiler version: NA

Detailed description

Following the OpenCV forum post here:

https://forum.opencv.org/t/zlib-update-to-resolve-security-vulnerability/10861

there are reports of a Critical severity security vulnerability in zlib through the 1.2.12 version: https://cve.report/CVE-2022-37434

OpenCV does not invoke the vulnerable inflateGetHeader() routine from zlib:

https://github.com/opencv/opencv/search?q=inflategetheader

So this is not a true security vulnerability in OpenCV. However, security scanning tools will still flag OpenCV as vulnerable, which is a problem with customers when OpenCV is part of (a commercial) application.

The latest zlib version used by any of the OpenCV versions is 1.2.12, so all OpenCV versions contain the vulnerable zlib version.

The vulnerability is resolved in zlib 1.2.13: https://www.zlib.net/

OpenCV version 4.5.3 was built and tested successfully with zlib 1.2.13, so the vulnerability may be removed by replacing the current zlib version used by OpenCV (1.2.12) with the new zlib version.

Steps to reproduce

The README of zlib used by OpenCV states that its version is 1.2.12: https://github.com/opencv/opencv/blob/4.x/3rdparty/zlib/README

Issue submission checklist

  • I report the issue, it's not a question
  • I checked the problem with documentation, FAQ, open issues, forum.opencv.org, Stack Overflow, etc. and have not found any solution
  • I updated to the latest OpenCV version and the issue is still there
  • There is reproducer code and related data files (videos, images, onnx, etc)
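The two checks the report relies on, the bundled zlib version and whether the code base calls `inflateGetHeader()`, can be automated so a scanner's CVE-2022-37434 finding is triaged consistently. This is an added example, not part of the issue or of OpenCV; the source snippets and file paths it scans are constructed, and it reads the version from the `ZLIB_VERSION` define in `zlib.h` rather than from the README.

```python
import re
from pathlib import Path

# The issue states the vulnerability is resolved in zlib 1.2.13.
ZLIB_FIXED_VERSION = (1, 2, 13)
VERSION_RE = re.compile(r'#define\s+ZLIB_VERSION\s+"([0-9.]+)"')
CALL_RE = re.compile(r"\binflateGetHeader\s*\(")
BUNDLED_ZLIB_DIR = "3rdparty/zlib/"  # zlib's own header declares the routine; skip it


def parse_version(text):
    """'1.2.12' -> (1, 2, 12); tuples compare component-wise."""
    return tuple(int(part) for part in text.split("."))


def bundled_zlib_version(zlib_h_text):
    """Extract ZLIB_VERSION from the contents of zlib.h."""
    match = VERSION_RE.search(zlib_h_text)
    if not match:
        raise ValueError("ZLIB_VERSION define not found in zlib.h")
    return parse_version(match.group(1))


def is_vulnerable_version(version):
    return version < ZLIB_FIXED_VERSION


def find_inflategetheader_callers(sources):
    """sources: mapping of repo-relative path -> file text. Returns sorted caller paths."""
    return sorted(path for path, text in sources.items()
                  if not path.startswith(BUNDLED_ZLIB_DIR) and CALL_RE.search(text))


def assess(zlib_h_text, sources):
    """Outdated bundled zlib is a scanner finding; an actual caller makes it a real exposure."""
    version = bundled_zlib_version(zlib_h_text)
    callers = find_inflategetheader_callers(sources)
    outdated = is_vulnerable_version(version)
    return {"zlib_version": ".".join(map(str, version)), "outdated": outdated,
            "callers": callers, "reachable": outdated and bool(callers)}


def assess_tree(root):
    """Run the same assessment over a checkout on disk (hypothetical layout: 3rdparty/zlib/zlib.h)."""
    root = Path(root)
    zlib_h = (root / "3rdparty" / "zlib" / "zlib.h").read_text(errors="ignore")
    sources = {str(p.relative_to(root)): p.read_text(errors="ignore")
               for p in root.rglob("*") if p.suffix in {".c", ".cpp", ".h", ".hpp"}}
    return assess(zlib_h, sources)


# Constructed sample input: an outdated header, one OpenCV-style file with no call,
# and a hypothetical downstream application file that does call the routine.
SAMPLE_ZLIB_H = '#define ZLIB_VERSION "1.2.12"\n#define ZLIB_VERNUM 0x12c0\n'
SAMPLE_SOURCES = {
    "3rdparty/zlib/zlib.h": "ZEXTERN int ZEXPORT inflateGetHeader OF((z_streamp strm, gz_headerp head));\n",
    "modules/imgcodecs/src/grfmt_png.cpp": "png_set_compression_level(png_ptr, 6);\n",
    "app/decoder.cpp": "gz_header hdr; inflateGetHeader(&strm, &hdr);\n",
}
```

Run `assess_tree("/path/to/opencv")` against a real checkout; a result with `outdated` true but an empty `callers` list matches the situation the issue describes.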
