Alex, you would lose that bet, zlib 1.2.2 has a hole in it, it
should have been replaced with 1.2.3 See the zlib website
for more info.
Nospam, good catch, if none of the hip-shooters here file a PR I'll
get around to it the next time I get a running build off the
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED] Behalf Of Alex Zbyslaw
>Sent: Tuesday, April 11, 2006 6:25 AM
>Subject: Re: upcoming release 6.1: old version of some core components
>[EMAIL PROTECTED]@mgEDV.net wrote:
>>during testing the 6.1-BETA4 i found only one major thing
>>i really like to discuss on the list for my understanding.
>>why are some major parts of the os are not updated to the
>>current versions (see examples beyond)? code-improvements
>>and security-/functionality-fixes come to my mind here.
>>zlib (v1.2.2, 10/2004; current 1.2.3, 07/2005)
>>openssl (v0.9.7e, 10/2004; current 0.9.7i, 10/2005)
>>openssh (v4.2p1, 01/2005, current 4.3p2 02/2006)
>>for openssh, the code-freeze of freebsd was before the
>>release of 4.3, this makes sense, but what about the rest?
>I can't answer you main question, but I would say that you can bet your
>shirt on the fact that there will be no known security issues in the
>At least for openssl and openssh you can get latest versions
>ports. Not an option for everything -- I see no zlib for example and I
>don't believe there's a standard cvs port either.
>firstname.lastname@example.org mailing list
>To unsubscribe, send any mail to
>No virus found in this incoming message.
>Checked by AVG Free Edition.
>Version: 7.1.385 / Virus Database: 268.4.1/307 - Release Date: 4/10/2006
email@example.com mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"