Alex, you would lose that bet, zlib 1.2.2 has a hole in it, it should have been replaced with 1.2.3 See the zlib website for more info.
Nospam, good catch, if none of the hip-shooters here file a PR I'll get around to it the next time I get a running build off the cvs. Ted >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] Behalf Of Alex Zbyslaw >Sent: Tuesday, April 11, 2006 6:25 AM >To: freebsd-questions@freebsd.org >Subject: Re: upcoming release 6.1: old version of some core components > > >[EMAIL PROTECTED]@mgEDV.net wrote: > >>during testing the 6.1-BETA4 i found only one major thing >>i really like to discuss on the list for my understanding. >> >>why are some major parts of the os are not updated to the >>current versions (see examples beyond)? code-improvements >>and security-/functionality-fixes come to my mind here. >> >>examples given: >>zlib (v1.2.2, 10/2004; current 1.2.3, 07/2005) >>openssl (v0.9.7e, 10/2004; current 0.9.7i, 10/2005) >>openssh (v4.2p1, 01/2005, current 4.3p2 02/2006) >> >>for openssh, the code-freeze of freebsd was before the >>release of 4.3, this makes sense, but what about the rest? >> >> >> >I can't answer you main question, but I would say that you can bet your >shirt on the fact that there will be no known security issues in the >older packages. > >At least for openssl and openssh you can get latest versions >through the >ports. Not an option for everything -- I see no zlib for example and I >don't believe there's a standard cvs port either. > >--Alex > > >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to >"[EMAIL PROTECTED]" > >-- >No virus found in this incoming message. >Checked by AVG Free Edition. >Version: 7.1.385 / Virus Database: 268.4.1/307 - Release Date: 4/10/2006 > _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"