On Tue, Apr 11, 2006 at 05:46:06PM +0200, [EMAIL PROTECTED]@mgEDV.net wrote:
>
> > I can't answer your main question, but I would say that you can bet your
> > shirt on the fact that there will be no known security issues in the
> > older packages.
>
> > At least for openssl and openssh you can get latest versions through the
> > ports. Not an option for everything -- I see no zlib for example and I
> > don't believe there's a standard cvs port either.
>
> as for zlib I definitely know that there are 2 security flaws, which can
> lead to problems when invalid compressed data is fed.

Already fixed as soon as they were published. Are there other reasons to upgrade?

> my problem also is not the installation of ports/packages/custom compiles,
> it's more that the operating system components themselves are linked against
> these older libraries and therefore will contain bugs, which may have been
> already solved.

The other side of this is that newer versions are often incompatible (OpenSSL, I'm looking at you), which rules out upgrading the version in a FreeBSD-STABLE branch since it ruins binary compatibility.

Kris