Backport potential zlib security fix from io.js

[misterdjules]

nodejs/node#1811 has been identified as a potential security issue, and a discussion has started around issuing a CVE. It would probably be a good idea to backport these changes and ship them in a release before a CVE is issued.

/cc @joyent/node-collaborators @trevnorris @indutny

[misterdjules]

Moving to milestone v0.10.40, as v0.10.39 was released today.

[jasnell]

+1