upcoming release 6.1: old version of some core components

Ted Mittelstaedt tedm at toybox.placo.com
Tue Apr 11 21:41:43 UTC 2006

Alex, you would lose that bet, zlib 1.2.2 has a hole in it, it
should have been replaced with 1.2.3  See the zlib website
for more info.

Nospam, good catch, if none of the hip-shooters here file a PR I'll
get around to it the next time I get a running build off the


>-----Original Message-----
>From: owner-freebsd-questions at freebsd.org
>[mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Alex Zbyslaw
>Sent: Tuesday, April 11, 2006 6:25 AM
>To: freebsd-questions at freebsd.org
>Subject: Re: upcoming release 6.1: old version of some core components
>No at SPAM@mgEDV.net wrote:
>>during testing the 6.1-BETA4 i found only one major thing
>>i really like to discuss on the list for my understanding.
>>why are some major parts of the os are not updated to the
>>current versions (see examples beyond)? code-improvements
>>and security-/functionality-fixes come to my mind here.
>>examples given:
>>zlib (v1.2.2, 10/2004; current 1.2.3, 07/2005)
>>openssl (v0.9.7e, 10/2004; current 0.9.7i, 10/2005)
>>openssh (v4.2p1, 01/2005, current 4.3p2 02/2006)
>>for openssh, the code-freeze of freebsd was before the
>>release of 4.3, this makes sense, but what about the rest?
>I can't answer you main question, but I would say that you can bet your
>shirt on the fact that there will be no known security issues in the
>older packages.
>At least for openssl and openssh you can get latest versions
>through the
>ports.  Not an option for everything -- I see no zlib for example and I
>don't believe there's a standard cvs port either.
>freebsd-questions at freebsd.org mailing list
>To unsubscribe, send any mail to
>"freebsd-questions-unsubscribe at freebsd.org"
>No virus found in this incoming message.
>Checked by AVG Free Edition.
>Version: 7.1.385 / Virus Database: 268.4.1/307 - Release Date: 4/10/2006

More information about the freebsd-questions mailing list