diff --git a/modules/zlib/src/ChangeLog.moz b/modules/zlib/src/ChangeLog.moz
index 1b4b5b7ef8e..3c20007b477 100644
--- a/modules/zlib/src/ChangeLog.moz
+++ b/modules/zlib/src/ChangeLog.moz
@@ -4,6 +4,7 @@
 Mozilla.org changes:
 - 17 June 2004
   Sync'd with 1.2.1 release
+  see bug #226733
 
 - 17 June 2004
   Add mozzconf.h
@@ -16,3 +17,7 @@ Mozilla.org changes:
 
 - 25 June 2004
   define NO_vsnprintf for VMS in zutil.h
+
+- 21 September 2004
+  applied patch for DoS vulnerabililty in inflate.c
+  see bug #258009
diff --git a/modules/zlib/src/inflate.c b/modules/zlib/src/inflate.c
index a53b5c7446e..b323a8c4afd 100644
--- a/modules/zlib/src/inflate.c
+++ b/modules/zlib/src/inflate.c
@@ -861,6 +861,9 @@ int flush;
                 }
             }
 
+            /* handle error breaks in while */
+            if (state->mode == BAD) break;
+
             /* build code tables */
             state->next = state->codes;
             state->lencode = (code const FAR *)(state->next);