did i ever mention "i love communities!" ;-) well, 1st of all, thx 2 all the people who gave it a whirl and went deeper into cvs as i would ever do (i'm definitely not a dev ;-), btw. that was my reason for asking this on the list )
2nd, the thing alex brought up is very confusing, because it seems, that security fixes which are related to zlib 1.2.3 have been applied to 1.2.2#FREEBSD-VERSION and the rest (?whatever it is?) of the changes have not been applied (if the're any). from my point of view (compatibility and transparence come to my mind) shouldn't be the code as close as possible to the original developed code for any library? ok, we could discuss libjpeg here, but zlib should be a standard, and it seems for some guys it's easier to implement the fixes instead of upgrading to the new version. i'm again sure, that the maintainer of fbsd-zlib knows why, but to an "not-so-deep-in-c" guy like me, it's still confusing. with openssl even i had problems replacing one version with another, but looking at the security, i try to stay with some more or less current version. finally, for the userland stuff (goes into jails anyway, so no interference with the os at all) i'll compile/get packages with newer versions, and the os (hell, if someone is possible to insert malicious compressed streams on my os, he can have the box at all ;-) ) stay's with the standards being delivered with the release/stable versions. does this sound smart for you? ps: i had to stop writing this 3 times because of some odd customer, please forgive some stupid wording in here ;-) _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"