nospam, I just checked the cvs, and they did catch zlib, 1.2.3 is in
there now. /usr/src/lib/libz.
BETA4 is older than the current cvs
Note that some programs (cvs) seem to have copies of zlib.c that are
older, maybe that's
what your seeing?
as for openssl, it is still at 0.9.7e and yes there was a security fix
released in 0.9.7h,
it should be updated - however the developer in charge of that may have
to patch the security fix rather than rev openssl up, since so many
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED] Behalf Of
>Sent: Tuesday, April 11, 2006 5:55 AM
>Subject: upcoming release 6.1: old version of some core components
>during testing the 6.1-BETA4 i found only one major thing
>i really like to discuss on the list for my understanding.
>why are some major parts of the os are not updated to the
>current versions (see examples beyond)? code-improvements
>and security-/functionality-fixes come to my mind here.
>zlib (v1.2.2, 10/2004; current 1.2.3, 07/2005)
>openssl (v0.9.7e, 10/2004; current 0.9.7i, 10/2005)
>openssh (v4.2p1, 01/2005, current 4.3p2 02/2006)
>for openssh, the code-freeze of freebsd was before the
>release of 4.3, this makes sense, but what about the rest?
>br & cu...
>ps: just reply 2 the list please...
>email@example.com mailing list
>To unsubscribe, send any mail to
>No virus found in this incoming message.
>Checked by AVG Free Edition.
>Version: 7.1.385 / Virus Database: 268.4.1/307 - Release Date: 4/10/2006
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"