From owner-freebsd-security  Tue Mar 12  8:33:52 2002
Delivered-To: freebsd-security@freebsd.org
Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153])
	by hub.freebsd.org (Postfix) with ESMTP
	id C7D5A37BB5A; Tue, 12 Mar 2002 08:33:22 -0800 (PST)
Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111])
	by gw.nectar.cc (Postfix) with ESMTP
	id 4564044; Tue, 12 Mar 2002 10:33:22 -0600 (CST)
Received: (from nectar@localhost)
	by madman.nectar.cc (8.11.6/8.11.6) id g2CGXMG36789;
	Tue, 12 Mar 2002 10:33:22 -0600 (CST)
	(envelope-from nectar)
Date: Tue, 12 Mar 2002 10:33:22 -0600
From: "Jacques A. Vidrine" <nectar@FreeBSD.ORG>
To: Chris Faulhaber <jedgar@fxp.org>
Cc: freebsd-security@FreeBSD.ORG, green@FreeBSD.ORG
Subject: Re: zlib and FreeBSD (was Re: RedHat advisory - RHSA-2002:026-35 zlib double free -- Is this 4.5-R-p1?)
Message-ID: <20020312163322.GW35955@madman.nectar.cc>
Mail-Followup-To: "Jacques A. Vidrine" <nectar@FreeBSD.org>,
	Chris Faulhaber <jedgar@fxp.org>, freebsd-security@FreeBSD.ORG,
	green@freebsd.org
References: <20020311154424.A22882@sheol.localdomain> <64040.1015886430@critter.freebsd.dk> <20020312145337.GB35955@madman.nectar.cc> <20020312152837.GC94019@peitho.fxp.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20020312152837.GC94019@peitho.fxp.org>
User-Agent: Mutt/1.3.27i
X-Url: http://www.nectar.cc/
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

On Tue, Mar 12, 2002 at 10:28:37AM -0500, Chris Faulhaber wrote:
> On Tue, Mar 12, 2002 at 08:53:37AM -0600, Jacques A. Vidrine wrote:
> > In addition to Poul-Henning's information below, the zlib bug was also
> > patched in the security branches around February 22nd ``just in
> > case.''  Likewise, similar code in the kernel was fixed
> > (sys/net/zlib.c).
> > 
> > Hmm, I just noticed that for some reason, the fixes don't seem to have
> > been committed to -CURRENT or -STABLE.  Maybe Chris had a reason for
> > this.  It may be a moot point soon, as Brian has recently imported the
> > new (fixed) zlib into -CURRENT, and I imagine he will merge it into
> > -STABLE before long.
> > 
> 
> I committed fixes to HEAD, RELENG_4, and RELENG_[345] for
> both src/lib/libz/infblock.c and src/net/zlib.c in February.
> Did I miss something?

No, I guess I did.  I thought I had saved each of the resulting cvs
messages to a folder for later reference, but I must have missed HEAD
and RELENG_4.  A quick scan of the `cvs log' output resulted in me
missing it again.  Sorry about that!

Cheers,
-- 
Jacques A. Vidrine <n@nectar.cc>                 http://www.nectar.cc/
NTT/Verio SME          .     FreeBSD UNIX     .       Heimdal Kerberos
jvidrine@verio.net     .  nectar@FreeBSD.org  .          nectar@kth.se

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message