Date: Tue, 6 Aug 2002 00:51:51 -0700 From: Kris Kennaway <kris@obsecurity.org> To: sigma@smx.pair.com Cc: freebsd-security@freebsd.org Subject: Re: zlib 1.1.4 Message-ID: <20020806075151.GA59261@xor.obsecurity.org> In-Reply-To: <20020804122115.82777.qmail@smx.pair.com> References: <20020804122115.82777.qmail@smx.pair.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Aug 04, 2002 at 08:21:15AM -0400, sigma@smx.pair.com wrote: > > Is there some reason zlib 1.1.3 seems to be part of 4.6-STABLE? cvsweb > shows 1.1.4 imported "on the vendor branch". There was a major security > advisory in March 2002 for 1.1.3. A diff suggests only minor changes > between the 1.1.4 source (from gzip.org) and the source used by 4.6-STABLE, > but it's still labeled 1.1.3, which is enough to raise questions. The version in -stable contains all necessary bugfixes, as is apparent from the FreeBSD security advisory on this topic. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020806075151.GA59261>