upcoming release 6.1: old version of some core components

martinko martinkov at pobox.sk
Wed Apr 12 18:43:24 UTC 2006


Kris Kennaway wrote:
> On Tue, Apr 11, 2006 at 05:46:06PM +0200, No at SPAM@mgEDV.net wrote:
> 
>> 
>>
>>>I can't answer your main question, but I would say that you can bet your 
>>>shirt on the fact that there will be no known security issues in the 
>>>older packages.
>>
>>>At least for openssl and openssh you can get latest versions through the 
>>>ports.  Not an option for everything -- I see no zlib for example and I 
>>>don't believe there's a standard cvs port either.
>>
>>as for zlib i definitely know, that there are 2 security flaws, which can
>>lead to problems when invalid compressed data is fed.
> 
> 
> Already fixed as soon as they were published.  Are there other reasons
> to upgrade?
> 
> 
>>my problem also is not the installation of ports/packages/custom compiles,
>>it's more that the operating system components themselves are linked against
>>these older libraries and therefore will contain bugs, which may have been
>>already solved.
> 
> 
> The other side of this is that newer versions are often incompatible
> (OpenSSL, I'm looking at you), which rules out upgrading the version
> in a FreeBSD-STABLE branch since it ruins binary compatibility.
> 
> Kris

one may wonder why they change very minor version number/letter only, if
the changes are so disturbing..


